Shein – more Chinese spyware – fast fashion at the expense of privacy (safety)

Shein has emerged as a major ‘fast fashion’ player in the Australian market. If that is all it does, then buying cheap, low-quality fashion would be more of a case of ‘let the buyer beware’.

First, Chinese-owned Shein (AU website) has no overt ownership relationship to Temu – more Chinese spyware – the catch in cheap online shopping, which has proven app spyware and Chinese Communist Party (CCP) links.

Second, Chinese-owned Shein and Temu have skyrocketed from ‘’Zero to Hero’. Both extensively use Meta-owned Facebook and Instagram and spyware masquerading as a short video platform TikTok (another Chinese-owned entity – read Why TikTok Pixel Spyware is deceitful and just plain wrong).

Third, the US-China Economic and Security Review Commission (USCC) claims that Shein and Temu pose a risk to US customer data. It is particularly critical of Shein, with the report saying it “requests that users share their data and activity from other apps, including social media, in exchange for discounts and special deals on Shein products.”

Fourth, Shein, like Temu, has been accused of counterfeiting, copyright breaches, and human rights abuse. Let’s not mention shoddy service, difficulty getting refunds, and goods not as described. Oh, and it somehow evades US import tariffs via a scheme called De Minimis (avoids 16.5% import duty and 7.5% Chinese tariff).

In Australia the consumer must pay GST before delivery.


Spyware in its Android app allows it to exfiltrate the Clipboard contents to who knows where. Shein claims it only affects users up to mid-2023. Android 12 onwards now prevents this behaviour.

Respected security site KIMKOMANDO recommends deleting the following Chinese apps with direct ties to the CCP:

  • TikTok — Bytedance
  • Lemon8 — Bytedance
  • CapCut — Bytedance
  • Pinduoduo — PDD Holdings
  • Temu — PDD Holdings
  • CamScanner — Intsig Information
  • Shein — Roadget Business 
  • TurboVPN — Innovative Connecting
  • WeChat — Tencent
  • UC Browser — Alibaba Group
  • SHAREit — SHAREit Technologies

Service – it is mutually exclusive to use cheap and service in the same sentence

In the US, the Better Business Bureau gave it a FAIL rating and issued a Current Alerts For This Business. It received over 3000 complaints in the past three years.

TrustPilot Australia reports that over 68% of Australian reviews are negative, with a high proportion of positive reviews being suspect with the sole purpose of burying 1–4-star reviews.

Product Review Australia says 68% of Shein reviews are negative, and again, 29% of positive reviews are ‘review stuffing’ using similar phrases and words from unverified buyers. Shein awards shopping points for positive reviews and censors via not publishing negative ones.

Sitejabber reports only 4.3% positive reviews from 4839 negative ones. It, too, reports ‘review stuffing’’ praising its customer service to reduce the impact of negative reviews.

If you must use Shein

First, remember that Amazon AU and eBay AU are safe. You are risking too much with Shein.

  • Install a paid anti-virus/malware program like Trend Micro Device Security Ultimate – excellent broad-spectrum protection.
  • Use a junk email address (easy to set up at Google or elsewhere) that you can afford to be hacked.
  • Give it false personal information, especially your birthdate and gender.
  • Use PayPal to protect your credit card details. PayPal never reveals your credit card number to merchants.
  • If possible, use a delivery address that is not your residential address.
  • Use the website instead of the app, which needs unnecessary permissions and could steal your data.
  • Read privacy terms (often as useless as the digital paper they are written on).
  • If a deal sounds too good to be true – it is.
  • Never answer questionnaires or provide merchant ratings.

CyberShack’s view – Shein – where there is smoke, there is fire

We can only report well-researched information. We have referenced all sources. There is no intent to impugn Shein or Temu. But the facts are in the US, at least, it considers these companies too risky to deal with. Whether that is spyware, their CCP affiliation or whatever does not matter.

The Shein Privacy Policy (28,834 words) and Terms and Conditions (9,678 words) cannot be copied or printed out. They are at the end of an extremely long home page that keeps pushing the fine print down the page.

We managed to scrape the pages, and they are below.

We consider the collection of personal information and how it is shared well in excess of what a fast-fashion e-commerce site requires. The policy is ambiguous about where the data is stored and what law applies. It does state that if you don’t agree with the policy or terms, you should immediately stop accessing or using its services. Who reads nearly 40,000 words when you want a bargain?