If you’re an owner of Shopify Store or doing paid media on your clients using Shopify Platform, you probably encounter this problem in the past or while reading this.
I can confirm to you that this is a global issue right now and it’s not clear if this is intentional or automated by bots.
How Would You Know if You’re a Victim of This?
Everyone can be a victim of this and not just Shopify but all other platforms.
Usually, you’ll see Purchase conversions attributed to your campaigns even there’s no actual orders on the backend. You will also notice Purchase value higher than the expected value of your product, or using different currency. Since majority that doing this just wanted to mess up your ROAS.
How Is This Possible?
The attacker injects the code directly in the source code of your website and trigger the conversion forcibly or manually. And to completely mess up your data, the attacker have seen or clicked one of your active campaigns to be able to attribute the fake conversions on your ad.
Below is the step-by-step guide on how to fix it. All you need to do is to follow the video and copy the code I also provided below: