Fake Etsy invoice scam tricks sellers into sharing credit card information 
这篇文章介绍了针对Etsy卖家的新骗局:骗子通过看似来自Etsy官方的邮件或信息,附带PDF文件诱导卖家点击可疑链接并提供敏感信息(如信用卡详情)。识别骗局的关键在于注意发件人地址是否为@etsy.com、邮件是否使用通用称呼(如“Dear Seller”)、以及链接是否指向非官方域名。保护措施包括直接访问Etsy官网验证信息、避免点击可疑链接,并使用安全软件防范恶意网站。 2025-2-12 14:0:0 Author: www.malwarebytes.com(查看原文) 阅读量:8 收藏

Image of a phone with an Etsy logo on it in front of boxes and a shopping trolley

This article was researched and written by Stefan Dasic, manager, research and response for ThreatDown, powered by Malwarebytes.

As an online seller, you’re already juggling product listings, customer service and marketing—so the last thing you need is to be targeted by scammers.

Unfortunately, a new scam is making the rounds, and it’s crucial to recognize the warning signs before you fall victim. In this post, we’ll walk you through exactly how this scam works, show you what to watch out for, and give you tips on keeping your Etsy account secure. 

The scam usually starts with an email/message that appears to be from Etsy’s support team, with what looks like an official invoice in PDF format attached. The PDF is hosted on etsystatic.com, which is particularly alarming given it’s a legitimate domain that Etsy uses for static content. This clever detail makes the file seem even more trustworthy, catching unsuspecting sellers offguard.

Despite this, there are still some red flags to look for: 

  • The email uses language like “Dear Seller” or “Hello Etsy Member”, instead of addressing you by your Etsy shop name or username
  • The sender’s email address doesn’t end in @etsy.com, or has suspicious variations (extra numbers or letters)
  • Phrases like “immediate action required” or “your account will be closed” that rush you into clicking. This is a common scare tactic.

Inside the PDF, there’s often a clickable link urging you to “confirm your identity” or “verify your account.” If you click through, you’re taken to a website that, at first glance, looks very much like an official Etsy support page.

Here’s where you need to be extra vigilant: 

  1. The web address might look similar to etsy.com but could include extra words, missing letters, or unusual extensions (e.g., verlflcation-etsy[.]cfd). 
  2. The site may ask for more information than Etsy would normally request for verification – like your full name, address, and even your credit card details. 
  3. Real Etsy pages usually have fully working navigation and other standard features. Scam sites often have broken or non-functioning links. 

In the final step, the counterfeit page will prompt you to enter your credit card details, supposedly to “confirm your billing information” or “validate your seller account.”

This is an immediate red flag: Etsy never requires you to provide credit card information for identity verification outside of its standard, secure payment setup. If you provide these details, scammers can use them to make unauthorized purchases—or sell them on underground markets. 

How to protect yourself from Etsy scams

  • Check the “From” field in emails to make sure it comes from a legitimate Etsy address.
  • Rather than click on the links inside the email, open a new browser and go directly to etsy.com instead and navigate there
  • Question any urgent or unusual requests: Legitimate platforms do not ask for full credit card information for verification via a PDF link or email.
  • Use Malwarebytes Browser Guard to protect you from malicious websites, card skimmers, ads, and more. Browser Guard already blocks the domains in this article.
  • If something feels off, reach out to Etsy’s official support directly. They can confirm whether any invoice or verification request is real. This won’t protect your credit card data if you hand it over, but it does help secure your Etsy account from unauthorized logins. 

Indicators of Compromise (IOCs) 

Below are some known IOCs associated with this fake invoice scam. (Please note these are examples, and actual IOCs can vary over time.) 

com-etsy-verify[.]cfd 

etsy-car[.]switchero[.]cfd 

etsy[.]1562587027[.]cfd 

etsy[.]3841246[.]cfd 

etsy[.]39849329[.]cfd 

etsy[.]447385638[.]cfd 

etsy[.]57434[.]cfd 

etsy[.]5847325245[.]cfd 

etsy[.]6562587027[.]cfd 

etsy[.]6841246[.]cfd 

etsy[.]72871[.]cfd 

etsy[.]7562587027[.]cfd 

etsy[.]8841246[.]cfd 

etsy[.]92875[.]cfd 

etsy[.]9438632572[.]cfd 

etsy[.]948292[.]cfd 

etsy[.]97434[.]cfd 

etsy[.]984323[.]cfd 

etsy[.]checkid1573[.]cfd 

etsy[.]chekup-out[.]cfd 

etsy[.]coinbox[.]cfd 

etsy[.]fastpay[.]cfd 

etsy[.]offer584732[.]cfd 

etsy[.]offer62785[.]cfd 

etsy[.]offer684732[.]cfd 

etsy[.]paylink[.]cfd 

etsy[.]paymint[.]cfd 

etsy[.]paywave[.]cfd 

etsy[.]requlred-verlfication[.]cfd 

etsy[.]requstlon-verflcation[.]cfd 

etsy[.]web-proff-point[.]cfd 

verlflcation-etsy[.]cfd 

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.


文章来源: https://www.malwarebytes.com/blog/news/2025/02/fake-etsy-invoice-scam-tricks-sellers-into-sharing-credit-card-information
如有侵权请联系:admin#unsafe.sh