We want to alert all WooCommerce store owners about a new phishing campaign targeting users like you.
This scam tries to trick store owners into installing malware by sending fake emails claiming there’s a critical vulnerability in WooCommerce.
The emails look convincing — they pretend to be official security alerts and pressure you into clicking a link or installing a supposed “patch”. But be careful: this is a scam!
At Naked Cat Plugins, we already saw this firsthand — one of our WooCommerce support clients received one of these phishing emails:
🔗 For full details about how this scam works and what to watch out for, check out Patchstack’s full article here.
Remember:
- Always verify security warnings through official channels.
- Never click suspicious links or install plugins/themes from unknown sources.
- WooCommerce will never send you a patch via email or ask you to download it from anywhere else.
If there’s ever a security fix, it will be included in a new version of the official WooCommerce plugin at wordpress.org. - If in doubt, ask for help before taking action.
Stay safe — and stay suspicious of sketchy emails!
Even Quica and Maria, our official Naked Cat mascots, have their suspicious faces on… and trust us, those are some serious Sphynx glares. 😼
