With Boxing Day and other seasonal sales just around the corner, online shopping is set to surge, and unfortunately, so is the risk of scams. As the holiday sales approach, the Customer Owned Banking Association (COBA) is urging consumers to remain vigilant.
“Scammers often use tactics like creating a sense of urgency to get customers to make immediate decisions and payments. Knowing that pressured shoppers are less likely to spot a scam, criminals deliberately target events like Boxing Day sales,” COBA Head of Financial Crimes and Cyber Resilience Martin Latimer explained.
According to ACCC’s Scamwatch, there have been more than $8 million in reported losses from shopping scams in 2025 so far.
To help savvy shoppers stay safe, COBA’s financial crimes team share their expert tips on how to spot, and avoid, such scams.
Beware of fake websites
Scammers often create ‘phantom’ websites that are designed to trick even the savviest shopper.
Latimer urges Australians to be extra cautious when browsing online deals, and to double-check the legitimacy of a website before you decide to make any payments.
Look out for poor website design and spelling or grammatical errors, as well as a lack of customer feedback or reviews for the seller or product.
“Scammers are experts at creating convincing fake websites that closely resemble legitimate retailers. Pay close attention to the domain name, because even a small typo could mean you’re on a scam site,” Latimer advised.
Shoppers are urged to verify the site’s legitimacy by looking out for a privacy policy, terms and condition, or even contact details – many fake websites don’t include this level of information.
If you are shopping on an Australian website, you can use the Australian Domain Authority’s website register to see which company or trademark registered it.
Don’t click on unsolicited links
Phishing is a tactic criminals use to steal your personal and financial information, such as login credentials or credit card details.
Scammers often send unsolicited emails or messages pretending to be legitimate retailers, delivery companies or payment processors, in an attempt to trick shoppers to click on links or download suspicious attachments.
“A common phishing tactic is a scammer sending an email or text message about a sale or delivery, urging you to click on a link. These links then lead to fake websites or download malware onto your device,” Latimer explained.
“Never open attachments from unknown senders, as they may contain malware. Instead, always go directly to the retailer’s official website.”
Use secure payment methods
Before making any online purchases, make sure your payment is protected. Check that the website shows “https” and a padlock icon to safeguard your financial information.
Latimer added: “Scammers will often encourage you to use untraceable payment methods, like wire transfers or cryptocurrency, so avoid these. Stick to trusted and secure payment methods, which often have built-in buyer protection and fraud prevention features to help safeguard your purchases.”
Trust your instincts. If something appears suspicious or too good to be true, it probably is.
What to do if you’ve been scammed
If you suspect a scam, report the suspicious sellers or websites to National Anti-Scam Centre (NASC) – Scamwatch and Cyber.gov.au.
If you’ve been scammed, immediately report the transaction(s) to your bank or financial institution, so they can help you protect your account and assist in trying to recover funds.
Customer-owned banks are dedicated to safeguarding their customers from scams and fraud and joined forces to launch the Scam-Safe Accord with the Australian Banking Association. This industry-wide initiative represents a united front against scammers and reinforces the banking sector’s determination to strengthen consumer protection. Find out more about the Scam-Safe Accord here.