A recurring feature covering the scams and social-engineering attempts actively making the rounds against Etsy sellers, since the tactics evolve constantly and most sellers only hear about a new one after they’ve already been targeted once.
The “can I get your email?” message
Still one of the most common opening moves against sellers, and still effective enough that scammers keep using it. A buyer messages asking to move the conversation off Etsy, usually citing a reason that sounds plausible — wanting to send reference photos too large for Etsy’s messaging, or claiming a payment issue that needs “resolving directly.” Once the conversation moves to email or a personal number, Etsy’s buyer and seller protections no longer apply, and the scammer has room to attempt a fake payment confirmation, a chargeback setup, or simply to phish for more personal information.
The fix is simple and worth stating plainly to any buyer who asks: keep every part of the transaction inside Etsy’s messaging and payment system, no exceptions, regardless of how reasonable the stated reason sounds.
Fake “Etsy Support” messages
A steady stream of reports involve messages or emails impersonating Etsy Support, often citing an urgent account issue (a policy violation, a suspended payment account) and asking the seller to “verify” their account by clicking a link and logging in. The link leads to a convincing fake login page designed to harvest credentials. Etsy does not ask sellers to verify account credentials through an emailed link outside of Shop Manager. If you get a message like this, don’t click through — log into Etsy directly through the app or by typing the URL yourself, and check Shop Manager’s actual notifications for anything real.
QR code phishing on packing slips and cards
A newer variant making the rounds: a “buyer” sends a message or leaves a note asking the seller to include a QR code (framed as a discount for the buyer’s next order, or a “thank you” card design) inside the shipped package. The QR code, when scanned, leads to a phishing page or a malicious download rather than whatever it claims to offer. If a buyer asks you to include any code, link, or insert you didn’t design yourself, treat it as a red flag by default, not a normal customization request.
Fake copyright infringement notices
Sellers are also reporting emails claiming to be from a rights holder or law firm, alleging a specific listing infringes a copyright or trademark, and demanding the seller click a link to “review the claim” or pay a fee to avoid legal action. Real copyright complaints against Etsy listings go through Etsy’s own reporting system and show up as an actual policy violation in Shop Manager, not as an unsolicited email with a payment demand attached. Treat any email like this as suspicious until verified independently, and never click the embedded link or pay anything through it.
The pattern underneath all of these
Nearly every scam targeting Etsy sellers shares one structural trait: it tries to move the interaction outside of Etsy’s own systems, whether that’s email, a personal messaging app, an external link, or a scanned code. Etsy’s built-in messaging, payments, and policy-reporting tools exist specifically because they create a record and a layer of protection that disappears the moment a conversation moves elsewhere. The single most reliable habit against nearly all of these is a simple rule: if something is trying to get you off-platform, slow down and ask why, before you do anything else.
If you’ve seen a scam attempt that doesn’t match one of the patterns above, it’s worth reporting through Etsy’s official channels regardless, since new variants show up regularly and reporting helps Etsy’s trust and safety team track patterns across the marketplace.

