Police urge shoppers to strengthen online security as retail app scams surge ahead of Christmas

The Police Service of Northern Ireland (PSNI) is urging shoppers to tighten the security on their online retail accounts amid a rise in hacking attempts targeting retail apps in the run-up to Christmas.

The warning comes as the UK-wide Protect Network reports an increase in incidents where criminals have gained access to customer accounts to make unauthorised purchases. These include “buy now, pay later” transactions and online credit agreements carried out without the account holder’s knowledge.

According to initial police findings, many of the compromised accounts appear to have been breached due to weak or reused passwords. Investigators are also concerned that some popular retail apps rely solely on password access, meaning anyone able to obtain or guess the password may be able to enter the account and manipulate it.

Once inside an account, scammers may be able to change delivery details, alter linked payment methods, or make credit purchases using stolen information.

Inspector Tori Anderson from Scamwise said:

“With Christmas fast approaching, we know more people are shopping online and using retail apps, especially with the amount of great deals and sales already happening. However just this week, we have identified four victims, who have sadly been targeted through online retails apps.”

She added:

“We are reminding the public to take simple but important steps to protect themselves. Weak or repeated passwords make it easier for criminals to access accounts and create unauthorised purchases.

“We strongly advise the public to use stronger online passwords whether that is based on the National Cyber Security Centre’s (NCSC) ‘Three Random Words’ guidance or through the assistance provided by a Password Manager.”

Inspector Anderson also urged shoppers to adopt additional security measures:

“Where available, additional security features such as Two Step Verification or Passkeys should be used to help secure online accounts. For further support and guidance, the NCSC’s Cyber Aware webpage can be found at www.cyberaware.gov.uk.”

She confirmed that efforts to track the trend are ongoing:

“At this time, we will continue to liaise with Action Fraud and our Scamwise partners to monitor local trends across NI, sharing updates as more information becomes available. Together, lets prevent scammers from ruining Christmas!”

The PSNI is appealing for anyone who believes they have fallen victim to a scam to report it immediately — either by contacting police on 101, reporting it to their bank, or using the official Action Fraud service at www.actionfraud.police.uk or 0300 123 2040.

Further advice is available at www.nidirect.gov.uk/scamwiseni or via the ScamwiseNI Facebook page @scamwiseni.