Online shopping scams

Protect yourself from online shopping scams

More Australians reported a financial loss to shopping scams compared to any other scam type in 2024, as observed in Scamwatch data. There were 10,022 Australians who reported a loss to shopping scams, with a total reported loss of $9.8 million in 2024. This is a 24.2% decrease from 13,213 who reported financial losses to shopping scams in 2023.

Criminals can set up fake stores that can look real, or mimic profiles to sell popular or luxury items. Common products criminals try to deceive you into paying for include toys, BBQs, gym equipment, clothing, shoes, and phones. Criminals can offer products on their fake websites, or on a cloned or copy website of a popular store.

Things to consider before you pay

Too good to be true

Even during special sales, it pays to be curious when offered an incredible bargain. If the price advertised for your purchase is just too good to be true, it’s worth investigating further. It’s a good idea to look at other websites to compare and investigate the store making the offer before making the purchase.

Is this a fake website for an online store? 

If you find an item being sold by an online store that you’ve never dealt with, do some checks before making a purchase to ensure they’re legitimate:

• Do they have genuine social media pages? 
• What is their refund policy? 
• Consider doing a Google search and reading their reviews. 
• Check the look and feel of their website including the resolution of branding and pictures. Lower quality images may indicate that the website isn’t legitimate. 
• If you can’t determine if they’re genuine, it may be better to stick to a reputable store that you’re familiar with. This is especially true if the online store is overseas, as there’s no guarantee you’ll get your money back if it turns out to be a scam.

Pop ups, push messages and social media

Those bright and shiny ads that pop up on your screen when shopping online or using social media are clever and persistent marketing tactics looking to promote products or services. They can also be used to deliver malicious software, direct you to dodgy webpages, or fake sales. Check that your device’s virus protection is installed, working, and up to date, with a pop-up blocker.

Advertisements on many social media websites can also lead to fake offers, fake websites and cryptocurrency scams. To check out a deal, head to the genuine website or app independently to validate any offers that seem too good to be true.

Also be on the lookout for suspicious emails or text messages. If you receive an email or SMS with a sale campaign, go to the app or type the address into your browser to make sure you’re accessing the genuine online store. Criminals commonly use SMS and emails to direct people to fake websites looking to steal personal or financial information. Learn more about how to spot a phishing message.

Secure Wi-Fi

Data is a valuable resource, so it may seem attractive to save your own data and use the free Wi-Fi offered by many retail stores. Unfortunately, these connections are often unsecure and are targeted by criminals to gain access to devices and data being shared on that network. If you have to use public Wi-Fi, consider using a Virtual Private Network (VPN) to create a secure connection. Avoid using free Wi-Fi to do any online banking or shopping, as this information may be exposed and misused.

How to protect yourself online

Follow these tips to help keep your identity and your money safe online. 

• Make purchases directly through genuine online retailers, rather than through pop-ups, advertisements, email or SMS offers. Type the retailer’s website into your browser or download their official app from the Apple App Store or Google Play Store for Android.
• Pay attention to the fine print - a lot of merchants will offer special rates as an introductory rate and increase the prices later or sign you up to a subscription service. Check the shipping amount and returns policy before you commit.
• Remain vigilant for text messages about parcel deliveries that may be dodgy. Cyber criminals are known to send fake SMS posing as delivery companies like Australia Post or DHL to convince those who may be expecting a parcel to engage with them. If in doubt, contact the delivery company directly through their official channels.
• Keep your receipts - they can be extremely helpful in resolving disputes down the track.
• Use secure payment options that come with some protections, such as PayPal (not PayPal Family and Friends) or a credit card. Do not deal with sellers asking you to pay by gift cards or cryptocurrencies. 
• Think twice about entering your credit card details into a website you’re unsure about. If it’s fraudulent, your card details could be used for fraud.
• Do your own research and look for reviews. It is a good idea to check if the website you are researching has been associated with any scams. All you have to do is type “is this (website name) a scam” in your browser search engine.
• Don’t use public Wi-Fi without a VPN if accessing or sharing confidential information.
• Check your bank account regularly so that you can spot any unusual transactions and report them to your bank.

How we can help you

While personal vigilance is the best method of protection, our security teams work 24/7 to keep customers safe. If we spot suspicious activity with your cards or online transfers, we’ll take appropriate action and contact you to confirm if it’s genuine or not.

Read our buying and selling scams article for more information about staying safe while shopping online, or visit the ACCC Scamwatch website.

You can also stay up to date on the latest fraud and scam threats by regularly monitoring our security alerts page.

If you’re a NAB customer and believe you may have fallen victim to a scam, please call 13 22 65 immediately and ask for the Digital Fraud and Scams Team. If you want to report a phishing or scam attempt, please email phish@nab.com.au or text 0476 220 003 (047 NAB 003).