Threat: Phishing & impersonation

Fake Shopify / BigCommerce / WooCommerce ecommerce platform phishing: subscription payment failed, online store offline, or merchant account suspended. A fraudulent email impersonates Shopify, BigCommerce, or WooCommerce, claims that the subscription payment has failed, that the online store and checkout are offline, or that the merchant account is suspended, and directs the merchant to update billing or restore the store through a credential-harvesting portal. Shopify: 2M+ merchants ($29-299/month); BigCommerce: 60K+ merchants. A store going offline means zero sales revenue in real time, the most direct revenue-loss phishing hook of any billing signal.

fake-shopify-bigcommerce-ecommerce-platform-billing-phish

What this tier means

High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.

How Gorganizer detects this

Phishing emails impersonating Shopify, BigCommerce, or WooCommerce claim that the ecommerce platform subscription payment has failed, that the online store and checkout are offline, or that the merchant account has been suspended, and direct the merchant to update billing or restore the store through a credential-harvesting portal. This signal is distinct from the existing fake-shopify-etsy-seller-account-suspended-phish (policy violation / account restriction): it specifically targets billing payment failure with store-offline urgency.

Key facts:

(1) Store going offline means literal real-time revenue loss. Shopify serves 2M+ merchants ($29-299/month Starter/Basic/Shopify/Advanced) running production e-commerce storefronts. When a Shopify subscription lapses, product pages return 404 errors, the checkout stops accepting orders, and the store domain stops resolving. Merchants who process hundreds or thousands of dollars per hour lose all sales revenue for every minute the store is offline. 'Your Shopify subscription has lapsed and your store is now offline' creates the most immediate and quantifiable financial urgency of any billing phishing category: the cost of not acting is visible as real-time zero revenue.

(2) Shopify's ecosystem lock-in makes suspension particularly alarming. Shopify merchants have built their entire digital retail infrastructure on Shopify: custom themes, app integrations (Klaviyo, ReCharge, Gorgias, Yotpo), Shopify Payments processing, and domain management. Migrating a Shopify store is weeks of work, so keeping the account active is critically important. Many merchants also use Shopify Capital (merchant cash advances), making billing disputes with Shopify potentially more consequential.

(3) BigCommerce targets mid-market merchants with complex catalog needs. BigCommerce serves 60K+ merchants ($29-299/month), providing enterprise-grade e-commerce features including multi-storefront, B2B wholesale pricing, and headless commerce. A BigCommerce subscription suspension takes down the entire merchant infrastructure, including the product catalog APIs used by headless frontends.

(4) WooCommerce's self-hosted model creates a unique attack surface. WooCommerce (200M+ downloads, 28% of all online stores) is technically free, but merchants pay for WooCommerce Subscriptions ($199/year), WooCommerce Payments, and WooPayments. Phishers target WooCommerce renewal billing, Jetpack security subscriptions, and WooCommerce.com account access.

(5) E-commerce platform credentials give attackers access to customer order databases (names, addresses, order histories), payment method tokenization records, Shopify Payments banking information, and connected third-party app OAuth tokens.

Warning signs: the sender is not shopify.com, bigcommerce.com, or woocommerce.com; store status is never changed via an email link.
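A minimal sketch of the sender and link checks implied by the warning signs above, added here as an illustration; it is not Gorganizer's code. The lure phrase list, the acceptance of subdomains of the three brand domains, and the sample messages are assumptions constructed for the example.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Sender domains named in the page's warning signs.
BRAND_DOMAINS = {"shopify": "shopify.com", "bigcommerce": "bigcommerce.com",
                 "woocommerce": "woocommerce.com"}
# Assumed phrases for the three lures described above (constructed list).
LURE = re.compile(r"payment (has )?failed|store (is )?(now )?offline|"
                  r"account (has been |is )?suspended|subscription has lapsed", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def on_domain(host, domain):
    # Exact domain or a subdomain; a substring test would accept
    # lookalikes such as shopify.com.billing.example.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

# Flags brand + billing/offline lure sent from, or linking to, an off-brand host.
def check(raw):
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    text = f"{name} {msg.get('Subject', '')} {body}"
    brands = [b for b in BRAND_DOMAINS if b in text.lower()]
    if not brands or not LURE.search(text):
        return {"match": False, "reasons": []}
    reasons = []
    if not any(on_domain(sender_host, BRAND_DOMAINS[b]) for b in brands):
        reasons.append(f"sender domain {sender_host!r} is not the claimed brand")
    for url in URL.findall(body):
        host = urlparse(url).hostname
        if not any(on_domain(host, BRAND_DOMAINS[b]) for b in brands):
            reasons.append(f"link host {host!r} is not the claimed brand")
    return {"match": bool(reasons), "reasons": reasons}

# Constructed sample messages; the .example hosts and URL paths are placeholders.
PHISH = """From: Shopify Billing <billing@shopify.com.account-alerts.example>
Subject: Your subscription payment failed - store offline

Your Shopify subscription has lapsed and your store is now offline.
Update billing: https://shopify.com.restore-store.example/login
"""
LEGIT = """From: Shopify <billing@shopify.com>
Subject: Your subscription payment failed

We could not charge your card. Review it at https://admin.shopify.com/settings/billing
"""
```

The From header is forgeable on its own, so a message that passes this check has only avoided one signal; it has not been shown to be legitimate.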

False-positive guard

Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.

About the scoring engine

Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.

Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.
