The gifting season is almost here. Have you already written your bucket list for the Black Friday sales?

Well, so have the hackers. And theirs might just include your credit card and bank details.

There is a noticeable increase in cyber scams and frauds during this season, leading to millions of pounds stolen by hackers. In the UK alone, £15.3 million was lost to scams during the last festive season, with the average loss being £1,000.

To help you stay aware, we’ve taken a look into some common cyber frauds and scams associated with online shopping and what you can do to safeguard your purses.

Fake websites vs vs

Difficult to spot the difference, isn’t it?

An all too common method of cyber fraud during high-traffic events like this season, hackers commonly create entire fake websites resembling the original ones, with slight changes in name. Then, allure you to these using phishing emails or text messages to visit and shop. These are used to steal your username and passwords or worse still, credit card and banking details.

Fake shopping apps or malicious browser extensions

Sometimes, hackers send emails or screen pop-up apps offering apps or browser extensions with huge shopping discounts. In reality, these download malicious code to your computer when you install them. Hackers then have control over all activity on your browser, including your passwords or credit card details as you type.


Phishing is an ongoing cyber fraud challenge. The Anti-Phishing Working Group (APWG) estimates that attacks tripled from 2020 to 2021; just the first half of 2022 has seen over a million attacks.

This threat magnifies itself during the festive season, with scammers luring you disguised as genuine banks or shopping websites, fake websites or fake apps. Their target – your passwords, account numbers and credit card details.

Verification code hijacking

A distinctive way of phishing is to hijack your verification codes. Many websites and apps have increased their security by sending single-use codes to you by email or on your phone. The sneaky hackers know this and try to get your information by masquerading as your bank or a particular website.

They might call saying that there is a problem with your account and that they will be sending you a code so that you can prove your identity. In most cases, the hackers already have your password (through an earlier hack) and use this technique to get the second code for a successful break-in.

How to protect yourself against cyber fraud

First the basics – secure cyber hygiene

  • Use a secure PC or laptop for online access
  • Use a genuine operating system, patched with the latest updates
  • Install reputed antivirus software
  • Using a non-admin user profile

Password security

Ensure the site is secure for online transactions

  • Authenticate the full domain name properly (better to type it on the browser rather than clicking links with the site name) 
  • Check your browser to ensure that the website begins with https:// and there is a ‘lock’ sign at the start of the website name.
protect yourself from cyber fraud - ensure that any website URL you use begins with https://
ensure that any website you use begins with https://

Use reputed apps for shopping

  • Always download these apps from Google Play Store (Android) or Apple App Store (iOS).

Monitor your bank and credit card accounts

  • Monitor for dubious transactions frequently – in case of doubt, immediately contact their call centre.
  • Many card providers provide insurance against scams. Check it out. With the right insurance, you will likely recover the money if you fall prey to scammers. 

Finally – if it looks too good to be true, it probably is. So, keep your alert quotient high as you scout for deals, and avoid being a victim of cyber fraud.

We wish you a secure shopping experience.

If you’d like to know more about how Galaxkey can help protect your business from cyber fraud, get in touch today.