Online shopping has transformed the way we buy everything from groceries to electronics. It has also created a vast new landscape for fraud. UK consumers lost over £85 million to online shopping scams in a single recent year according to Action Fraud, and the true figure is likely far higher given how many people do not report. Understanding how these scams work — and how to protect yourself — is one of the most practically useful things you can do for your financial security.
The sophistication of online shopping scams has increased dramatically. Where early scams were obviously fake, modern fraud operations create websites that are virtually indistinguishable from legitimate retailers, complete with professional photography, convincing product descriptions, fake review systems, and even live chat functions staffed by scammers. Some even send you a cheap counterfeit product to delay your realisation that something is wrong.
How fake online stores work
The typical fake online store operation works like this: a fraudster registers a domain name that sounds credible (often incorporating a genuine brand name or a keyword like “outlet”, “deals”, or “official”), builds a website using stolen product images and descriptions from legitimate retailers, sets prices attractively below market rate to draw in customers, and then either takes payment and delivers nothing, sends a worthless counterfeit, or uses your payment details for further fraud.
These operations often run for a few weeks, then disappear — taking their domain offline, moving to a new one, and starting again. The operators are typically based outside the UK and specifically target UK, US, and Australian consumers because these markets tend to purchase more online and have well-developed payment card fraud recovery expectations that scammers have learned to exploit.
The warning signs of a fake shopping website
Prices that are too good to be true. This is the clearest signal. If a website is selling a PlayStation 5, an iPhone, or a designer handbag for 60 or 70 percent less than everywhere else, the explanation is almost never a genuine deal. Legitimate retailers operate on tight margins and cannot sustainably undersell the market this dramatically. If the price triggers your “this seems too cheap” instinct, trust it.
Recently registered domain. Use a WHOIS lookup tool (simply search “WHOIS” followed by the domain name) to check when the website’s domain was registered. A legitimate retailer that has been trading for years will have a domain registered years ago. A website registered last month claiming to be a well-established store is almost certainly fraudulent. Domain age is one of the most reliable fraud indicators and takes 30 seconds to check.
No physical address or verifiable contact details. Every legitimate business in the UK must provide a physical address under the Consumer Contracts Regulations. If a website has only a contact form, a generic email address like sales@gmail.com, or contact details that return no results when searched, treat this as a serious red flag. Attempt to call any phone number listed — if it goes unanswered or to a generic voicemail, that is telling.
Poor grammar and spelling throughout the site. Professional retailers invest in copywriting. If a website contains multiple spelling errors, grammatically awkward sentences, or text that reads like it was machine-translated from another language, this strongly suggests the site is not what it claims to be.
No genuine customer reviews. Search for the website name combined with the words “reviews”, “scam”, “legit”, or “complaints” on Google. Check Trustpilot. Genuine retailers have review histories — both positive and negative. A complete absence of reviews, or reviews that are suspiciously uniform and enthusiastic, are both red flags. Check the dates on reviews: a site with dozens of glowing reviews all posted within a two-week period has purchased fake reviews.
The safest ways to pay online
How you pay when shopping online determines how much protection you have if something goes wrong. This is genuinely important and worth understanding in detail.
Credit card gives you the strongest protection available. Under Section 75 of the Consumer Credit Act, your credit card company is jointly liable with the retailer for purchases between £100 and £30,000. If you are defrauded, you can claim a full refund from your card issuer — even if the retailer has disappeared. This protection does not apply to debit cards under Section 75, though debit card holders have some protection under the voluntary chargeback scheme.
PayPal offers Buyer Protection on most purchases made through the platform. If you do not receive your item or it is significantly different from the description, PayPal will investigate and typically refund you. Pay through PayPal’s guest checkout rather than directly to a bank account.
Debit card offers some protection through chargeback — a voluntary scheme operated by Visa, Mastercard, and Maestro that allows your bank to reverse a payment to a fraudulent merchant. It is less guaranteed than Section 75 but is still worth pursuing.
Bank transfer, cryptocurrency, or gift card vouchers offer effectively zero protection. These payment methods are non-reversible by design and are specifically preferred by fraudsters because once the money is transferred, it is almost impossible to recover. Never pay for an online purchase using these methods regardless of what reason the seller gives for preferring them.
Recognising fraud on legitimate marketplaces
Fraud does not only occur on standalone fake websites. Fraudulent sellers also operate on legitimate platforms including Amazon Marketplace, eBay, Facebook Marketplace, Gumtree, and Vinted. These platforms provide some protection — but only if you use them correctly.
On Amazon Marketplace and eBay, always check the seller’s feedback rating and read recent reviews carefully. Be particularly suspicious of sellers with very few reviews selling high-demand or high-value items. Check when the seller account was created — a new account selling luxury goods at a discount is a common fraud pattern.
On Facebook Marketplace and Gumtree, always meet in a safe public place for in-person transactions. Never pay by bank transfer to someone you have not met. Be extremely cautious of any seller who cannot meet locally, asks you to pay extra for delivery insurance, or pressures you to complete the transaction quickly.
Critically: never agree to move a transaction outside of the official platform. When a seller on any marketplace asks you to contact them via WhatsApp and pay by bank transfer “to save on fees”, they are attempting to move you off the protected platform specifically so they can defraud you without the platform’s buyer protection applying.
What to do if you have been scammed
If you have already made a payment to what turns out to be a fraudulent seller, act immediately — speed matters.
If you paid by credit or debit card, contact your card issuer straight away and tell them you have been the victim of online fraud. For credit cards, ask to raise a Section 75 claim. For debit cards, ask for a chargeback. The sooner you report, the stronger your claim.
Report the scam to Action Fraud at actionfraud.police.uk or by calling 0300 123 2040. This creates an official record and contributes to intelligence about active fraud operations. Report the fraudulent website to the National Cyber Security Centre at report.ncsc.gov.uk/phishing — they can investigate and take the site offline to protect others.