top of page

Bargain hunters: beware of January sales scammers!

With Christmas firmly out of the way, the January sales have officially landed, both in stores and online, and it’s the perfect opportunity to bag a bargain. But once again, our guidance is buyer beware!

The January sales aren’t quite the big deal as they once were. In the past, queues would form overnight outside major retailers, and stores would open at ridiculous hours to allow people to rush through the doors to grab their bargains.

But now, with Black Friday and Cyber Monday stealing the online bargain hunting crown, and with many retailers relying on a post-Christmas online surge, the once famous January sales aren’t nearly as frantic.

But the move to an online focus gives scammers the chance to pick off the most vulnerable of shoppers, or perhaps those less tech savvy.

Simon Mair, head of information security and data privacy at wealth manager Brewin Dolphin, has shared his concerns for those searching for bargains this month.

He explained:

“Scammers are getting increasingly more sophisticated and use a range of tactics. Phishing scams are commonplace, so it is vital shoppers think about what link they are clicking on and assess whether it looks reliable and from a trustworthy source.
“Ensure any electronic gifts you are giving or receiving are protected with the most up to date virus protection and two-factor authentication is used wherever possible.
“In emails, look for spelling mistakes, check the email domain and think twice before clicking a link. Most importantly, take a moment to pause and think before reacting, whether that be signing for a delivery you weren’t expecting or engaging with an email that doesn’t quite add up.”
“It is also important to note scammers often target victims more than once and use details gathered in the first scam to strike again.”

Fraudsters using parcel delivery messages as a lure is a trend likely to continue this year. DHL has been in the top three phishing lures since the start of 2021.

Another trend is fake websites imitating brands and offering popular products, particularly toys and games. The domains are often registered in countries outside of Europe, but with UK company details displayed on the website and contact details to add to the appearance of a legitimate business.

If you're shopping online - in the sales or at any time of the year - our advice is:

  • Check before you buy: Research online retailers, particularly if you haven’t bought from them before, to check they’re legitimate. Read feedback from people or organisations that you trust, such as consumer websites.  Also be mindful of typosquatting!

  • Only connect to secure Wi-Fi when in public and if possible, utilise a VPN

  • Take a moment to review the details, is it too good to be true? Is it genuine?

  • Consider if providing personal details to open an account is necessary

  • Protect your accounts: set up 2-step verification and use three random words passwords to prevent cyber criminals from gaining access to your shopping, bank or email accounts. 

  • Pay securely: Use a credit card when shopping online, if you have one. Most major credit card providers protect online purchases and are obliged to refund you in certain circumstances. Using a credit card (rather than a debit card) also means that if your payment details are stolen, your main bank account won’t be directly affected. Also consider using a payment platform, such as PayPal, Google or Apple Pay. And whenever you pay, look for the closed padlock in the web address bar - it means your connection is secure. 

  • Be wary of “celebrity” endorsements on products or services.

  • Fake delivery scams. Scammers pose as couriers and arrive at a front door with a delivery, asking the shopper to sign for it. Many shoppers may be expecting a bargain they bagged in the Boxing Day Sales or believe they are receiving a belated Christmas gift from a friend or family member, and sign, for the parcel. The scammers then harvest a copy of the signature and impersonate places like the person’s bank to get access to their account. If you’re unsure, ask for the delivery person’s ID, and think hard about whether you bought something from that retailer.

A look at the latest scams

Scammers will use various methods to make you fall for their villainous ways. They will use emotion, the cost-of-living crisis and the sales to name just a few examples of how they will try to lure you in.

We have compiled a round-up of the latest scams here.



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page