EXPERTS are warning online shoppers after a spike in criminals gaining unauthorised access to retailer accounts by posing as Argos, with one saying: “Password reuse is one of the biggest risks for shoppers.”
Report Fraud is urging online shoppers to stay alert for unusual activity on their accounts following a rise in criminals gaining access to buy expensive goods.
Recent reporting highlights Argos as a key trend in this activity. Report Fraud has seen a significant increase in cases mentioning the retailer, reflecting how criminals are targeting well-known brands.
Argos is actively working with authorities and its customers to identify suspicious activity and strengthen safeguards.
Criminals are using login details obtained from data breaches to gain unauthorised access to retailer accounts. This is possible due to the practice of reusing the same password across multiple online accounts.
Once they have control of the account, criminals will place online orders and then collect the goods in-person at a physical store. In some instances, the goods are paid for using payment details not connected to the victim of the compromised account.
These fraudulent orders are frequently fulfilled through ‘click and collect’, allowing offenders to retrieve goods in person.
In May, Report Fraud received 652 reports which mention Argos, a 323% increase compared to April, when 154 reports mentioning the retailer were made. Since the start of 2026, there have been 1,175 reports mentioning the retailer, with May seeing the highest number to date.
These scams can be surprisingly dangerous
Detective Chief Inspector Steven Kettle, Head of Crime Services at Report Fraud, said: “Report Fraud urges anyone with online retail accounts to remain vigilant and be alert to any unusual or suspicious activity.
“It is essential to take appropriate steps to protect your accounts by following Report Fraud’s guidance. If you believe you have been a victim of fraud, please report it to Report Fraud via reportfraud.police.uk or by calling 0300 123 2040.”
Marty Bauer, ecommerce expert at Omnisend, said people can contact retailers directly to check if transactions are legitimate.
He added: “These scams exploit familiar and trusted shopping experiences that retailers spend years trying to build. The customer is not necessarily being tricked by a fake website or a suspicious text message. In many cases, criminals are using real login details to access genuine accounts, place real orders and collect the goods before the shopper realises anything has happened.
“Retailers and consumers are both victims of this crime. Once a customer feels their account is not secure, it can affect how comfortable they feel shopping with that brand again, even when the retailer itself has been targeted by criminals.
“Password reuse is one of the biggest risks for shoppers. If the same password is used across email, shopping accounts, streaming services and loyalty schemes, one password exposed during a data leak can quickly put several accounts at risk.
“Scammers often focus on well-known brands because they have large customer bases, familiar checkout processes and accounts that may not be checked regularly.
“If you spot any unusual account activity, or receive a suspicious email with an order you haven’t placed, contact the retailer directly to see if it is legitimate. They may even be able to cancel the order before it is fulfilled. Make sure you change your password and report the fraud to your bank and to the police.”
Shoppers should use a unique, strong password for every retail account
Marijus Briedis, Chief Technology Officer at NordVPN, advised people to not click on any suspicious links.
He added: “These scams can be particularly effective because they often look like everyday shopping activities until it is too late. Criminals are not always trying to hack a company directly, as it is quite a task to bypass a national retailer’s security. In many cases, they are simply using passwords that have already been leaked elsewhere on the dark web and trying them across different sites, hoping people have reused the same login details.
“Once they are inside an account, they may be able to place orders, use saved personal details, change contact information or test whether the same password unlocks other services.
“Click and collect fraud also creates a fast route from compromised accounts to physical goods and is difficult to track down unless a retailer is willing to investigate its CCTV footage. If a criminal can order a high-value item and collect it before the victim notices, the damage can happen very quickly.
“Shoppers should use a unique, strong password for every retail account and turn on two-factor authentication wherever it is available. A password manager can help make this much easier, as it removes the temptation to reuse simple passwords across different websites.
“Do not save your payment details directly with the retailer too, save them on encrypted digital wallets if you want to use autofill functions when shopping online.
“Unexpected emails, texts or app notifications from retailers should be treated with caution, especially if they mention account changes, failed payments, new orders or urgent security checks. Rather than clicking the link, go directly to the retailer’s website and check the account from there, or call their customer service to double-check.”
Samuel Mather-Holgate, Managing Director & IFA at Swindon-based Mather and Murray Financial, said criminals are using well-known retailers because they are trusted.
He added: “These scams can be surprisingly dangerous because victims often don’t realise their account has been compromised until after expensive purchases have been made. The financial loss may be limited if payment details aren’t stolen, but the wider risk is that criminals can use compromised accounts as a gateway to gather more personal information or attempt further fraud.
“The simplest protection is also the most effective- use a unique password for every online account and enable two-factor authentication wherever it’s available. Password reuse is the fuel that keeps these attacks running. It’s extremely common for fraudsters to use trusted household brands as bait.
“Consumers are naturally less suspicious of communications or account activity linked to well-known retailers. Criminals understand that trust is valuable, which is why they frequently hide behind familiar names rather than obscure websites.”
Turn on two-factor authentication wherever it’s offered
Colette Mason, AI Ethics Consultant at London-based Clever Clogs AI, gave some tips for avoiding scams.
She added: “This is credential stuffing. Criminals buy leaked logins in bulk, try them on major retailers, and when yours works because you’ve reused the password, they order big-ticket items on click and collect and walk out with them. The fix is free and takes one evening.
“Check haveibeenpwned.com to see if your email’s already in a breach. If it is, every account sharing that password is exposed. Set up Bitwarden, a free password manager that does the hard work for you. For passwords you need to remember, make them a phrase something like “IPlayF00tieFridays_!”.
“Long, odd, and personal. Use a different phrase for every account. Turn on two-factor authentication wherever it’s offered. Retailers need to answer for their end too. A dormant account ordering high-value goods from a new device should trigger a check before anything leaves the shelf. Data resilience is a pain. A cleaned-out bank account is worse.”
Photo by Markus Winkler on Unsplash.
