Security services warn 'skimming' scam is targeting online shoppers in the run up to Christmas

Steve Barclay, Chancellor of the Duchy of Lancaster, said: "On Black Friday and Cyber Monday the hackers will be out to steal shoppers' cash and damage the reputations of businesses by making their websites into cyber traps."

Skimming was first used as a term for cash machine fraud - where criminals fit ATMs with devices that can read victims' credit cards.

In the online version, hackers infiltrate businesses' software so they can see the card details that shoppers put in on the checkout page.

The NCSC said it had seen an increase in this type of scam since the pandemic, and had uncovered 4,151 cases since April last year.

It said that in most cases scammers had infiltrated the websites via a known vulnerability in popular e-commerce software.

Sarah Lyons, deputy director for economy and society at NCSC, said: "I would urge all business owners to follow our guidance and make sure their software is up to date."

Graham Wynn, of the British Retail Consortium, added: "The cyber resilience toolkit for retail, produced in partnership with NCSC, is available on the British Retail Consortium's website for retailers to consult and boost cyber defences."

GCHQ tips to keep safe

• Be selective when shopping online and never share any more information than necessary
• Make a habit of checking your bank statements for unauthorised payments
• Aim to use a secure third-party payment method such as PayPal or Apple Pay

If you’re concerned that your details have been compromised, report it to Action Fraud immediately. Change your passwords and where your bank details have been exposed, notify your bank.

Consumer website Haveibeenpwned.com can also help identify whether your personal details have been shared online.