Exclusive: Over 28,000 Fake Retail Sites Found in January Scam Surge
28,000 Fake Retail Sites Found in January Scam Surge

Exclusive Investigation Reveals Massive Surge in Fake Retail Websites

Shoppers across the United Kingdom have been issued an urgent warning to remain vigilant against tens of thousands of fraudulent websites that are impersonating major retailers such as Tesco and Amazon online. New exclusive research conducted by the consumer champion Which? has uncovered more than 28,000 unsafe website addresses in January alone, with these sites actively soliciting personal information under the guise of trusted and well-known brands.

The Typosquatting Technique Exposed

One of the most prevalent methods employed by scammers to deceive online shoppers is a technique known as 'typosquatting'. This involves fraudsters registering domain addresses that are common misspellings or mistypings of big-name companies. When individuals accidentally visit these sites, they are presented with what appears to be a genuine landing page, designed to harvest their sensitive data.

The research, carried out in partnership with the technology company Decodo, identified Amazon, Google, Microsoft, Gemini, and ChatGPT as among the most impersonated brands. This trend coincides with the soaring popularity of artificial intelligence services, which scammers are exploiting to enhance the credibility of their fraudulent operations.

Wide Pickt banner — collaborative shopping lists app for Telegram, phone mockup with grocery list

Alarming Increase in Digital Squatting Scams

Separate research from the group last month revealed that instances of 'digital squatting' website scams have increased by a staggering 68 percent from 2021 to 2025. Over this period, name disputes with the World Intellectual Property Organization skyrocketed, reaching 6,200 in 2025 alone.

It is also common for individuals to be directed to these fake websites via scam text messages that falsely claim to represent legitimate companies. One such example involved a scammer pretending to represent Tesco, informing recipients that they had 'points' to review as part of a '2026 reward program'. The message included a link to redeem these points by verifying a phone number.

Detailed Examples of Sophisticated Fraud

Which? researchers entered a bogus number on one such site and were redirected to a page stating they had 12,379 points available for redemption, exchangeable for products like phone chargers, blood pressure monitors, and furniture. Clicking further prompted users to input their full name, email address, and home address—key details that are typically stolen for identity fraud.

This particular site was created in March 2026, a clear indicator of its fraudulent nature. Online shoppers who are uncertain about a website they have been directed to can check its creation date on the website who.is.

Amazon, as one of the most-visited sites in the UK and worldwide, is another prime target for imitation. Which? identified another scam text that led to a website strikingly similar to the legitimate Amazon site. Once on the page, visitors were invited to either create a new account or log in, both actions requiring details such as email and phone number.

Another sophisticated example was a fake page pretending to be the official Boots website, which asked customers to complete a survey in exchange for five best-selling skincare products. This was yet another method designed to harvest private information under the pretence of a legitimate offer.

Expert Calls for Proactive Measures

Rocio Concha, Which? head of policy and advocacy, stated: "Criminals are always on the lookout for new ways to part people from their hard-earned cash and these copycat sites are one of the latest examples of their evolving tactics."

Which? is calling for online platforms to proactively scan all uploaded content for signs that it might be fraudulent, as part of their responsibilities under the Online Safety Act, including links to fraudulent websites. The organisation is also urging telecoms companies to identify and block text messages which include links to known scam websites.

Pickt after-article banner — collaborative shopping lists app with family illustration

Top Tips to Avoid Fake Websites

  • Look for typos in web addresses – a common giveaway for a fake site.
  • Check the page creation date – you can verify this on who.is.
  • Test dead links – does 'about us' or 'contact us' lead anywhere?
  • Watch for poor spelling and grammar, or low-quality images.
  • Be wary of prices or offers that seem too good to be true – a frequent red flag.