An expert has warned that there’s two mistakes you need to be vigilant for this Christmas – or risk losing your hard-earned cash. Shoppers are being urged to stay sharp at Christmas markets as criminals roll out convincing digital scams. 

Brits heading off to Christmas markets this winter are being urged to keep their guard up, as cybercriminals are cashing in on the festive rush with increasingly convincing scams. Andrew Witts has more than 10 years of experience in digital marketing and SEO services at Studio 36 Digital in Blackpool, and he says there’s two mistakes which could lead to your bank account being drained.

With crowds focused on mulled wine, twinkling lights and last minute shopping, experts say fraudsters are exploiting moments of distraction to drain bank accounts in minutes.

Police forces across the UK have already warned that fraud spikes sharply during the festive period. 

The latest available figures show that between December 2022 and January 2024, more than 5,400 fraud reports were logged by the Police Service of Northern Ireland alone, with losses topping £23million. 

Experts say the picture is similar elsewhere in the UK, with scammers now relying on quick fire digital tricks rather than old fashioned pickpocketing.

Tech expert Andrew Witts says many people do not realise how much risk they take on when they casually scan a QR code at a stall or hop onto a free Wi-Fi signal.

“Christmas markets are brilliant places, but they’re also one of the easiest hunting grounds for modern criminals. 

“Fraudsters know people are relaxed, distracted and carrying their bank cards, so they set traps that blend into the festive atmosphere.”

Andrew says two actions in particular can expose shoppers to serious financial losses: scanning unverified QR codes and connecting to public Wi Fi without checking whether it is genuine.

He warns that fake QR codes are now appearing far more frequently at seasonal events. 

Some are printed onto stickers and placed over legitimate codes on market stalls, donation buckets, posters or even festive light displays.

“Most people don’t give a second thought to a QR code these days, because we’ve all become so used to tapping our phones against them,” Andrew says.

“Scammers absolutely rely on that. They create a convincing code, stick it over the real one and suddenly they’ve redirected you to a phishing page that looks completely legitimate.”

These bogus links can request card details, personal data or prompt the download of malicious software. 

Andrew says the speed at which this can happen is alarming. He says: “You can lose money in less than a minute. 

“People think a quick scan is harmless, but if the link is fake, you’ve essentially handed your details straight to the criminal.”

He adds that some scammers deliberately use poor quality-looking stickers because they know people assume something scruffy looks harmless. 

“It sounds counterintuitive, but criminals play mind games. A slightly wonky or low resolution sticker might seem too amateur to be dangerous, which is exactly why people scan it,” he adds.

Andrew’s advice is to take a moment to look properly at any QR code you use. Andrew says: “If it looks like it has been tampered with or stuck over something else, avoid it. Ask the stallholder for the correct link or pay another way. A reputable vendor won’t mind.” 

But QR code scams aren’t the only digital traps popping up among the wooden huts and fairy lights. Andrew says spoofed public Wi-Fi networks are now an equally serious threat.

Criminals will set up hotspots with names that look identical or almost identical to legitimate ones. 

At a busy market, where several networks often appear at once, it can be nearly impossible to tell them apart.

“When you join a fake Wi-Fi network, everything you do online can be monitored by the person who created it,” Andrew warns.

“Your messages, your login details, your bank information, it’s all visible. They don’t need to be sophisticated hackers. They just need you to click the wrong one.”

He says shoppers are especially vulnerable because they often want to check online orders, access banking apps, download digital tickets or send quick transfers.

“People connect without thinking because they’re trying to get something done quickly. But that convenience can turn into a very expensive mistake.”

Unlike secure home broadband, public Wi-Fi networks are usually unencrypted, meaning data can travel in plain text. Andrew says this gives cybercriminals an easy route into a person’s digital life.

“If you’re on an unsecured network, you might as well be handing out your passwords on pieces of paper,” he says.

To stay safe, he recommends confirming the official network name with staff before connecting. 

He adds: “Don’t take the name at face value. Ask someone who works there. If the vendor or organiser can’t confirm it, do not connect.”

Andrew adds that using mobile data is often much safer, especially when accessing anything sensitive. He also urges shoppers to install a VPN before heading out.

“A good VPN encrypts your data so even if someone is snooping, they can’t read anything. It turns your phone into a locked box rather than an open window.”