The holiday season brings joy, celebration, and shopping. Unfortunately, it also brings an alarming surge in cyber-crime. Scammers and Cyber-crime organisations create targeted scamming campaigns in the same way traders create targeted campaigns to sell products. In the same fashion, cyber organisations and freelance cyber-criminals take advantage of the increased online activity. From phishing schemes to sophisticated impersonations and fake websites, these scams target individuals and businesses alike. Why is the UK such a hotbed for cyber-crime? And what specific scams should you watch out for this holiday season?

Why Cyber Criminals Target the UK

The UK’s global economic influence and prevalence of English as the international language of business make it a prime target for cyber-criminals. With the UK’s strong digital infrastructure and reliance on online shopping, criminals find ample opportunities to exploit vulnerabilities. The holiday season, with its flurry of online transactions and deal-hunting, presents the perfect environment for scams to thrive.

The Sales Season

The lead up to Christmas is full of sales and shopping—and cyber-criminals know it. The National Cyber Security Centre (NCSC) reported a sharp rise in fake online stores set up to steal shoppers’ personal and payment details. These websites often mimic legitimate retailers, luring customers with unbelievable discounts on popular items like electronics, fashion, and gadgets.

Last year, the UK saw a significant rise in purchase scams, with £85.9 million stolen across 156,516 cases. Examples include:

  • Fake Tech Deals: Scammers create websites advertising high-demand items such as gaming consoles, smartphones, and laptops at discounted prices. Once payment is made, the product is never delivered.
  • Phishing Emails: Fraudulent emails promising exclusive deals trick users into clicking malicious links that harvest personal information or install malware.
  • Social Media Scams: Criminals exploit platforms like Facebook and Instagram to promote fake ads and redirect users to fraudulent sites.

Invoicing Scams

As online shopping spikes, so do scams involving delivery notifications and fake order confirmations. A recent example highlights scammers targeting the agricultural sector. A farmer in Lancashire lost £16,000 after falling victim to an invoice scam. Fraudsters impersonated a legitimate supplier, sending a fake invoice with updated bank details. Trusting its authenticity, the farmer transferred the funds, only to realise later that the money had been sent to criminals.

Verify invoice legitimacy by checking the seller’s profile for reviews, ensuring invoice details (name, address, itemised costs) match, and using secure payment methods like PayPal Goods & Services. Avoid upfront cash payments and trust your instincts—if it feels off, don’t proceed.

Watch out for Quishing Scams

Quishing is a rising threat where QR codes redirect users to malicious websites or install malware. Quick Response (QR) codes are being increasingly used by criminals to get hold of people’s personal details. These codes work like a barcode to access websites that enable you to order, and pay for goods and services, such as pub meals or parking. For example, fake QR codes on InPost mailboxes can trick users. Scammers posing as customer service reps might instruct you to scan a code to “identify the mailbox location.” Instead, it leads to a fraudulent site or malware, granting cyber-criminals access to your device. Always use official channels if unsure.

Vacation and Travel Scams

Holiday Scams: Fake Bookings, Cloned Sites, and Refund Fraud

Fraudsters are targeting holidaymakers with a variety of scams, from fake accommodation deals to cloned booking websites and fraudulent refund offers. Scammers often create fake websites or holiday adverts, offering tempting discounts on villas or cottages, only to steal deposits paid via bank transfer or currency transfer services. In some cases, travellers arrive to find the accommodation doesn’t exist. Popular booking platforms like Airbnb and Booking.com are also frequently cloned, tricking users into providing payment details or paying for non-existent properties.

Another common tactic involves fake cancellation refunds, where fraudsters send emails or set up fake social media accounts asking for payment details to process a refund for cancelled flights or bookings.

How to Stay Safe

  • – Avoid Bank or Currency Transfers: Always pay deposits using credit cards to benefit from protections like Section 75.
  • – Verify Website Addresses: Double-check URLs to ensure they are official and avoid clicking on links in unsolicited emails or texts.
  • – Research Properties and Reviews: Look for reviews on independent websites and confirm the legitimacy of the property and its owner.
  • – Be Wary of Refund Requests: Never share payment details without verifying the authenticity of the refund offer through official channels.

Protecting Yourself During the Holiday Season

Here are some essential tips to stay safe while shopping and celebrating this holiday season:

  • Verify Websites: Always double-check the URL of online stores. Legitimate retailers will use secure websites with URLs starting with “https://.”
  • Beware of Unrealistic Deals: If a deal seems too good to be true, it probably is. Stick to trusted retailers and avoid clicking on links in unsolicited emails or social media ads.
  • Secure Payments: Use credit cards or secure payment platforms like PayPal for online purchases, as these offer better fraud protection than debit cards or direct bank transfers.
  • Check for Official Communications: Delivery companies and charities won’t ask for sensitive information or payments through unsolicited emails or texts.
  • Stay Informed: Learn about the latest scams, such as deepfakes and phishing tactics, to better recognise threats.
  • Remain sceptical of Messages: Avoid clicking on links or downloading attachments in emails or texts.

Conclusion: Staying Safe in a Digital World

The holiday season is a time for celebration, but it’s also a peak period for cyber-criminals. From fake online stores to deepfake scams, the tactics used by fraudsters are becoming increasingly sophisticated. As the UK remains a significant target for cyber-crime due to its global prominence, vigilance is essential. By staying informed, verifying communications, and using secure online practices, you can protect yourself and your loved ones from falling victim to these scams.