New Argos 'essential' warning to customers

New Argos 'essential' warning to customers Customers have been given an important warning Millions of online shoppers are being warned to check their accounts in an important new alert. Experts say criminals are increasingly targeting customers of household names such as Argos by using stolen login details obtained from previous data breaches, with one warning that "password reuse is one of the biggest risks for shoppers". The alert comes after Report Fraud revealed a dramatic rise in reports linked to Argos, as offenders use compromised accounts to purchase high-value items and collect them in person from stores. In May alone, Report Fraud received 652 reports mentioning Argos – a 323% increase on the 154 reports recorded in April. Since the start of 2026 there have been 1,175 reports mentioning the retailer, with May seeing the highest monthly total so far. The scam highlights a growing threat facing online shoppers, many of whom use the same password across multiple websites. Fraudsters can obtain login credentials leaked during previous cyber breaches and then test them on popular retail websites, hoping customers have reused the same details. Once inside an account, criminals can place orders, often using click-and-collect services, before collecting goods from stores before the victim even realises their account has been compromised. Report Fraud said Argos is actively working with authorities and customers to identify suspicious activity and strengthen safeguards. Detective Chief Inspector Steven Kettle, Head of Crime Services at Report Fraud, said: "Report Fraud urges anyone with online retail accounts to remain vigilant and be alert to any unusual or suspicious activity. “It is essential to take appropriate steps to protect your accounts by following Report Fraud's guidance. If you believe you have been a victim of fraud, please report it to Report Fraud via reportfraud.police.uk or by calling 0300 123 2040.” Retail experts said the scam is particularly concerning because criminals are exploiting genuine customer accounts rather than relying on fake websites or phishing messages. Marty Bauer, ecommerce expert at Omnisend, told Newspage: "These scams exploit familiar and trusted shopping experiences that retailers spend years trying to build. "The customer is not necessarily being tricked by a fake website or a suspicious text message. In many cases, criminals are using real login details to access genuine accounts, place real orders and collect the goods before the shopper realises anything has happened." He added: "Password reuse is one of the biggest risks for shoppers. If the same password is used across email, shopping accounts, streaming services and loyalty schemes, one password exposed during a data leak can quickly put several accounts at risk. “Scammers often focus on well-known brands because they have large customer bases, familiar checkout processes and accounts that may not be checked regularly.” Mr Bauer urged customers who receive unexpected order confirmations or spot unusual activity to contact the retailer immediately, saying orders can sometimes be cancelled before they are fulfilled. Cybersecurity experts say the attacks are often an example of so-called "credential stuffing", where criminals use usernames and passwords stolen elsewhere and try them across multiple websites. Marijus Briedis, Chief Technology Officer at NordVPN, said: "These scams can be particularly effective because they often look like everyday shopping activities until it is too late. “Criminals are not always trying to hack a company directly, as it is quite a task to bypass a national retailer's security. In many cases, they are simply using passwords that have already been leaked elsewhere on the dark web and trying them across different sites, hoping people have reused the same login details.” He warned that once inside an account, fraudsters may place orders, use saved personal details, change account information and test whether the same password unlocks other online services. Mr Briedis said shoppers should use a unique password for every retail account, switch on two-factor authentication and avoid clicking links in unexpected emails or text messages. Samuel Mather-Holgate, Managing Director at Mather and Murray Financial, said: "The simplest protection is also the most effective- use a unique password for every online account and enable two-factor authentication wherever it's available. Password reuse is the fuel that keeps these attacks running. "It's extremely common for fraudsters to use trusted household brands as bait. Consumers are naturally less suspicious of communications or account activity linked to well-known retailers. Criminals understand that trust is valuable, which is why they frequently hide behind familiar names rather than obscure websites.” Colette Mason, AI Ethics Consultant at Clever Clogs AI, described the fraud as "credential stuffing" and urged consumers to check whether their email address has appeared in previous data breaches. She said: "Criminals buy leaked logins in bulk, try them on major retailers, and when yours works because you've reused the password, they order big-ticket items on click and collect and walk out with them. The fix is free and takes one evening.” Ms Mason advised consumers to use a password manager, create unique passwords for every account and enable two-factor authentication wherever possible. She added: "Retailers need to answer for their end too. A dormant account ordering high-value goods from a new device should trigger a check before anything leaves the shelf. Data resilience is a pain. A cleaned-out bank account is worse."