UK Shopping Fraud by the Numbers
| Statistic | Figure | Source |
| Total UK scam losses (2024) | £11.4 billion | GASA/Cifas. |
| Online shopping fraud (2023-24) | £56.3 million (up 20%) | Action Fraud. |
| Black Friday period losses (Nov 24-Jan 25) | £11.8 million | Action Fraud. |
| Average loss per victim | £695–£1,443 | Action Fraud/GASA. |
| UK adults encountering scams monthly | 61% | GASA. |
| Victims who do not report scams | 71% | GASA. |
The numbers are not small. £11.4 billion lost to scams in 2024 alone across the UK, with online shopping fraud specifically accounting for £56.3 million–a figure that rose 20% compared to the previous year. The Black Friday period from November 2024 through January 2025 saw £11.8 million disappear from shoppers who thought they were getting bargains.
Average losses per victim range from £695 to £1,443 depending on the methodology used. That is not pocket change. And 71% of victims never report what happened to them, meaning the real figures are likely considerably higher.
Why Discount Shoppers Are Higher Risk
People hunting for deals click multiple links from unfamiliar sources without thinking twice. Urgency tactics–“limited time offer” or countdown timers–bypass the careful checking that would normally happen. In 2024, 77% of Black Friday spam emails were fraudulent according to security researchers.
Social media plays a significant role. 43% of scam reports involved social platforms where sponsored ads appear alongside legitimate content. The algorithm does not distinguish between real retailers and criminal operations–both pay for visibility.
Exposed Scam Networks That Stole Millions
BogusBazaar — The $50 Million Fake Store Empire
| Detail | Data |
| Scale | 75,000+ fake stores. |
| Victims | 850,000+ (US & Europe). |
| Money stolen | $50 million+. |
| Credit cards harvested | 476,000 (with CVVs). |
| Still active (April 2024) | 22,500 sites. |
| Origin | China. |
| Brands faked | Nike, Dior, Lacoste, Prada, Hugo Boss, Versace. |
BogusBazaar operated what security researchers described as a franchise model. A core team in China ran the infrastructure–payment processing, domain registration, site templates–while “franchisees” operated individual stores. The operation used expired domains that still carried good Google rankings, meaning fake sites appeared near the top of search results from day one.
Victim breakdown by country showed France hardest hit at $33.6 million, followed by the USA at $19 million and Australia at $1.7 million. SRLabs in Germany exposed the network in May 2024, though 22,500 sites remained active at the time of their report.
The 476,000 credit cards harvested included full CVV codes–meaning criminals could use them for online purchases elsewhere, not just collect payments on their fake stores.
SilkSpecter — 4,700 Fake Black Friday Sites
| Detail | Data |
| Scale | 4,700 fake stores. |
| Target period | Black Friday 2024. |
| Brands impersonated | IKEA, The North Face, Lidl, L.L. Bean, Wayfair, Makita. |
| Origin | China. |
SilkSpecter specifically targeted the Black Friday shopping period. Domain tactics involved newer TLDs that shoppers might not recognise as suspicious–sites like northfaceblackfriday[.]shop using .shop, .store and .vip extensions.
The sophistication was notable. Sites auto-translated based on the victim’s location using Google Translate integration. Tracking pixels from TikTok and Meta monitored victim behaviour, allowing the operators to optimise their scam funnels just as legitimate marketers would.
EclecticIQ exposed the network in November 2024.
Phish ‘n’ Ships — Hijacking Real Shopping Sites
| Detail | Data |
| Scale | 1,000+ infected legitimate sites, 121 fake stores. |
| Money stolen | Tens of millions of dollars. |
| Victims | Hundreds of thousands. |
| Active since | 2019 (5 years undetected). |
| Origin | China. |
This operation worked differently from typical fake stores. Rather than building standalone scam sites, the criminals injected fake product listings into real, legitimate shopping websites. Someone searching for a product on Google might click through to what appeared to be a genuine retailer–because it was a genuine retailer–but the specific product page had been injected by attackers.
SEO poisoning pushed these fake listings to the top of Google results. The scammers targeted hard-to-find items at bargain prices, knowing that desperate shoppers would overlook warning signs. Sites operated in Dutch, English, French and German.
HUMAN Security’s Satori team exposed the operation in October 2024 after it had run undetected for five years.
SHOPYY Platform Abuse — AI-Generated Scam Stores
| Detail | Data |
| Fake store percentage | 66%+ of SHOPYY-hosted sites. |
| New fake domains (Nov 18-21, 2024) | 9,000+ in just 4 days. |
| Increase (Aug-Oct 2024) | 110% spike. |
SHOPYY is a legitimate Chinese e-commerce platform that scammers have abused extensively. Over 66% of sites hosted on the platform were identified as fraudulent by security researchers.
The operation scaled rapidly–9,000 new fake domains appeared in just four days between November 18th and 21st 2024. August to October 2024 saw a 110% spike in fake store creation.
Scammers used AI and large language models to generate realistic product descriptions. They copied listings from Amazon, rewrote them with AI for SEO purposes, and published across thousands of domains. Netcraft exposed the abuse in November 2024.
Brand Impersonation Scams — Exploiting Trusted Names
| Fake Operation | Real Brand | Tactic |
| TiffanyCoShop.com | Tiffany & Co. | Luxury items at impossible prices. |
| Sheingivesback.com | Shein | Fake “gift card” rewards scheme. |
| Multiple Wilko fakes | Wilko (UK) | Exploiting brand after bankruptcy. |
| Fake Brooks Running sites | Brooks | Taking orders, never delivering. |
| Fake Bed Bath & Beyond | BB&B (US) | Exploiting brand after bankruptcy. |
Scammers specifically target brands that have gone bankrupt or ceased trading–Wilko in the UK and Bed Bath & Beyond in the US both spawned numerous fake sites after closure. Shoppers searching for clearance deals found criminal operations instead.
October 2024 data showed fake Amazon sites surged 232% compared to September. Fake eBay pages increased 525% over the same period. These spikes coincided with pre-Christmas shopping season.
How Scam Sites Trick Bargain Hunters
The Anatomy of a Fake Discount Site
Professional design is standard now–scammers copy layouts directly from legitimate retailers. Unrealistic discounts of 50-80% on luxury items serve as the hook. Urgency timers claim “Sale ends in 2 hours!” even though the timer simply resets.
Trust badges appear prominently–fake “Verified” or “Secure Checkout” icons that mean nothing. Real payment processors like Stripe and PayPal process the transactions, which makes everything appear legitimate until the goods never arrive.
Where Fake Sites Appear
Social media ads on Facebook, Instagram and TikTok are common distribution channels. Sponsored Google search results place scam sites above legitimate retailers. As seen with Phish ‘n’ Ships, injected listings appear on legitimate shopping sites that have been compromised.
Email and SMS “deal alerts” arrive unsolicited. Expired domains with good search rankings get purchased and repurposed–the domain might have been a real shop once, which is why Google trusts it.
What Scammers Actually Steal
Payment card details including number, expiry and CVV are the primary target. Personal information–name, address, phone number, email–gets harvested simultaneously. If you create an account, login credentials are captured and tested against other sites.
This data sells on dark web marketplaces. Your phone number enters databases used for future scam calls and texts. The initial shopping fraud is often just the beginning of ongoing targeting.
Cost Comparison — Prevention vs Recovery
| Scenario | Cost |
| Average loss per shopping scam victim | £695–£1,443. |
| Average identity theft cost per victim | £1,076. |
| Time to discover identity fraud | 7 months average. |
| Time to resolve identity fraud | 3.4 months additional. |
| Cost of browser security tools | £0 (free options available). |
| Cost of VPN Chrome add-on | Free versions available. |
| Cost of checking site on Scamadviser | Free. |
| Cost of enabling MFA | Free. |
The maths is simple. Five minutes securing your browser can prevent months of stress and hundreds of pounds in losses.
Be Extra Cautious on Public WiFi
Never enter payment details on public networks without VPN protection. Assume the network cannot be trusted regardless of where you are. Avoid logging into banking or sensitive accounts entirely when connected to public WiFi.
A Chrome VPN extension provides encryption between your browser and the wider internet, meaning anyone monitoring the public network sees encrypted traffic rather than your actual activity. Free versions exist and take seconds to install.
The Cyber Security and Resilience Bill is pushing for higher standards across UK businesses–adopting these habits now puts you ahead of where regulations will eventually require.
Report the Scam
If you have fallen victim or encountered a scam site, reporting matters for two reasons. First, it contributes to takedown efforts. Second, it builds the data that security researchers use to track networks.
| Where to Report | Contact |
| Action Fraud (UK) | actionfraud.police.uk or 0300 123 2040. |
| Suspicious emails | Forward to [email protected]. |
| Scam texts | Forward to 7726 (free). |
| Fake websites | Report to National Cyber Security Centre. |
| Social media ads | Report directly on the platform. |
Shop Smart, Stay Protected
Scammers specifically target discount seekers–you are not paranoid, you are a target. Major operations like BogusBazaar and SilkSpecter prove the scale of the threat. 75,000 fake stores from a single network is not a small-time operation.
Free tools exist to protect yourself. Browser extensions, VPNs, site checkers like Scamadviser–none of these cost money. If a deal seems too good to be true, it almost certainly is. A 70% discount on a Prada bag from a site you have never heard of is not a bargain opportunity. It is a trap.
Quick browser security setup takes seconds but protects your wallet for years. The choice between five minutes of prevention and months of recovery is not a difficult one.
