National Cyber Security Centre
Printable version

Seasonal scam warning for last minute Christmas shoppers

The NCSC urge last minute Christmas shoppers to stay safe online by following best practice guidance.

  • Ahead of the last Saturday before Christmas, the UK’s cyber experts issue online shopping advice
  • Fake shops, scam messages and bogus adverts could derail festivities if people don’t protect themselves
  • Shoppers urged to visit the National Cyber Security Centre’s website for advice on staying safe online and reporting scams for investigation

The National Cyber Security Centre (NCSC) is urging last minute shoppers not to be panicked into buying presents from fake shopping sites or falling foul of seasonal scams. 

With under a fortnight to go until Christmas, the NCSC, which is a part of GCHQ, is advising shoppers to follow its advice on protecting devices and shopping securely online. 

The advice comes in one of the busiest weeks for Christmas shopping purchases as shoppers rush to meet the guaranteed delivery dates for Christmas. This peaks on the last Saturday before Christmas (Saturday, December 18). 

This shopping is increasingly happening online, with UK Finance revealing that last December saw a higher proportion of online shopping than any other previous year. 

The last-minute dash for buying presents can leave people more vulnerable to falling for scams, especially those that use topical ‘lures’ such as spoofing retailers or delivery companies.

NCSC Director for Policy and Communications, Nicola Hudson, said: 

“It’s great that people have the option to buy online as we enter the final days of Christmas shopping, but they should be alert to opportunistic scammers at this time of year.

“The good news is that there are common signs of a scam that people can look for, for example offers that seem too good to be true or claim that particular items are in short supply.

“To protect themselves, there are practical steps people can take, from setting a strong password on accounts to researching a brand before buying – much more can be found on this on the NCSC’s website.”

To avoid gifting the scammers this Christmas, the NCSC is advising shoppers to take steps to protect themselves when shopping online by following our cyber safety-first shopping checklist: 

  • Keep your accounts secure - make sure you use strong and separate passwords for your most important accounts such as email, banking or payment accounts (such as PayPal). The NCSC recommends using three random words to create your passwords.  Also turning on two-factor authentication (2FA) to add an extra layer of protection.
  • Be aware of emails, text messages or websites that look too good to be true or suspicious - many scammers set up fake messages designed to steal your money and personal details.  If something doesn’t feel right, you can report it to the NCSC.   
  • Choose carefully where you shop - research on online retailers to check they're legitimate before you buy, for example look at consumer websites you trust. Some emails or texts you receive about amazing offers may contain links to fake websites. If you're unsure, don't use the link!
  • Use a credit card for online payments if you have one - most major credit card providers protect online purchases, and are obliged to refund you in certain circumstances. 
  • Only provide enough details to complete your purchase - only fill in the mandatory details on a website when making a purchase (often marked with an asterisk). 

The NCSC is also encouraging shoppers to show some festive goodwill by reporting any suspicious emails to its Suspicious Email Reporting Service (SERS) by forwarding to or suspected scam text message by forwarding to 7726. Anybody who thinks they have discovered a scam website can report this directly to the NCSC on our website.

People can visit the NCSC’s website for guidance on shopping online securely and protecting their accounts and devices from the majority of online harms.

Channel website:

Original article link:

Share this article

Latest News from
National Cyber Security Centre