Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

The 12 Scams of Christmas

scams of christmas

about the author

Share this post

Christmas time is a time of giving, but as far as cybercriminals are concerned, it is also the perfect time to take, take, take.

Here are the MetaCompliance top 12 scams of Christmas with some advice on giving the scammers some “bah humbug!”

Online Shopping Fraud

Christmas shopping has moved online as Covid normalised online buying. A 2021 report predicted that almost half of all Christmas purchases would be internet-sourced. Data from Action Fraud shows that over Christmas 2020, 28,049 UK shoppers lost £15.4 million, an increase of 61% over the previous year.

Cybercriminals follow the money, so it is highly likely that Christmas 2022 will see similar levels of online shopping fraud. Be aware of too-good-to-be-true electronic bargains, gifts, and links to fake websites. Also, be mindful of buying unbelievably cheap branded goods from websites including Facebook marketplace and eBay.

Staying safe:

  • Vigilance is vital when shopping online. 
  • Carefully check any online shops you wish to purchase from.
  • Keep devices up to date with security patches.
  • Do not over-share personal information.
  • Be extra vigilant of unusual offers in emails, social media, and other messaging apps.
  • If you make a purchase, use a credit card, as credit card issuers will offer some protection.
  • Secure your email account using a second factor.

It’s a Fake! Website Scam

Online shopping fraudsters often create fake websites to trick people into buying goods that never arrive. Instead, shoppers end up on the fake website by clicking links in emails, messages, and social media platforms. The fake website will often be made to look like it is a site of a well-known brand.

Once on the site, the fraudsters will encourage the purchase of goods at low prices. Recently, jewellery company Pandora warned British customers to watch out for fake Pandora jewellery sites where almost one in five Britons have been scammed.

Staying safe:

  • Avoid clicking on links in emails, mobile messages, and social media.
  • If an offer seems too good to be true, it probably is.
  • If you navigate a website from a link, be cautious. First, check out the URL of the website. Does it fit the domain of the brand? Does the URL have unusual characters in the address?

WhatsApp Scams

WhatsApp scams are increasing in number as scammers take to mobile messaging. In January 2022, Lloyds Banking Group reported a 2000% surge in WhatsApp scams, with victims losing, on average, £1,950 each.

At Christmas, WhatsApp scams come in wide varieties, but a Which magazine report recently reported a “Cadbury giveaway scam.” The scam offers a free Christmas chocolate selection if the recipient clicks on the message link. The link goes to a fake website where scammers attempt to steal personal details.

Staying safe:

  • Be cautious when receiving messages from someone not on your contact list.
  • Sometimes, a scammer will make the message look like it is from a contact (even when it is not). If it seems suspicious, check directly with the actual contact.

Supermarket Coupon Scams

The allure of free food from a supermarket coupon is hard to resist when food prices are escalating. But there is usually no such thing as a free lunch, and the supermarket coupon scam is no exception. Supermarket coupon scams use all possible entry points into a person’s digital life, from emails to mobile messages to social media.

Recently, several UK supermarkets were spoofed in a supermarket email scam that promised a £1000 shopping voucher. Of course, no such coupon exists, but anyone clicking the link in the email would end up at a fake site where personal data could be stolen, or they could even end up with malware installed on their device.

Staying safe:

  • Be aware of possible email scams offering free gifts or vouchers
  • Do not click links in emails that seem suspicious

Holiday Booking Fraud

Many of us travel to see loved ones or escape at Christmas time. Unfortunately, this seasonal event draws in scammers who concoct elaborate scams to trick travellers. Holiday booking fraud can take many forms: travel scams often use phishing emails, including links to fake travel websites. Alternatively, legitimate booking sites can be used to commit fraud by scammers who work out sneaky ways to circumvent the site’s security rules.

Staying safe:

  • Do not click links or download attachments in emails that seem suspicious
  • Be suspicious of too-good-to-be-true accommodation offers
  • Check the URL of any travel website and ensure the address is legitimate; fraudsters will try and use cleverly composed URLs, for example, or, to catch unwary visitors.

Gift Card and Pyramid Scams

Social media is the new platform for pyramid schemes that target unwary Christmas shoppers. Gift-exchange scams use social media sites, like Facebook, to propagate pyramid fraud. Social media posts typically offer a gift card, asking the target to send it to a friend or family member to receive a financial reward. Instead, the scammers collect the target, the family or friend’s details, and the gift card cash.

Staying safe:

  • Be highly suspicious of any social media offers that collect personal data.
  • In general, do not overshare yours or others’ personal information on social media.

Instagram Scams

Instagram is an ideal platform for propagating many kinds of holiday scams. Using imagery alongside website links is the perfect way to send people to fake websites. Instagram maintains a list of scams that happen on the platform; this includes gift card scams, money requests from strangers, and people claiming to be from Instagram security asking for account information.

Staying safe:

  • Do not overshare your own or others’ personal information on Instagram.
  • Do not click on links from an Instagram post unless you are sure the post is legitimate.

Facebook Scams

Like Instagram, Facebook is an ideal place for scammers to roam.

For example, 2020 saw a Facebook scam that involved a “Christmas bonus.” The scammers sent out messages from cloned accounts of the friend of a targeted Facebook user. The message claimed that the sender had won a “Christmas bonus”; to receive this bonus, the victim must contact a “Facebook Agent.” If the target reaches this “agent”, they are requested to provide personal data and a small fee for the transfer of the winnings.

Watch out for variants of this scam during the run-up to Christmas 2022 and beyond.

Staying safe:

  • Take any offers of “winnings” or other free gifts with a pinch of salt and do your research.
  • Do not click on any link in a Facebook post unless you are sure of its legitimacy.

Scammy Grandparent Fraud

Grandparents are targets for scammers hoping to cash in on their love for their grandchildren. This scam was borne out when a grandad lost £1,550 when fraudsters sent a fake message asking for the money for a medical procedure. Instead, the fraudsters made the message look like it was from his granddaughter. Similar scams use phone calls to perpetrate the same type of theft; the scammers pose as friends and family.

Staying safe:

  • Always verify any request for money directly by speaking to the person making the request.
  • If the request originates in a phone call, tell them you will call them back.

Fake Delivery Messages

The fake delivery scam is not new, but this time of year, the fraud finds new victims as we all increase the number of parcels we expect to be delivered. Outstanding packages, especially when there is upheaval at the Royal Mail, result in frantic waiting for packages to appear. Cybercriminals take advantage of this worry and concern by sending out fake delivery messages, usually SMS texts (SMShing) or emails (phishing) that contain a ‘tracking link.’

In 2021, according to UK Finance, over half of the reported SMShing messages in the last quarter of 2021 were fake delivery scams. The links in these phishing messages will take the recipient to a fake site that looks like a Royal Mail or similar delivery firm website. The site will ask for personal details. The scammers may even follow up with a continued scam, tricking people into believing it is a call from their bank. One fake delivery scam ended in losing £33,000 for one man targeted by cybercriminals.

Staying safe:

  • Be wary of texts or emails that claim to be from a legitimate delivery firm.
  • Beware of entering personal data or financial details into a site you navigated from a link in a message or email.

Survey Scams

Firms commonly use customer surveys to determine customers’ thoughts about their services and products. People are used to clicking on a link and filling out a survey form after an online purchase. This common practice is perfect for cybercriminals to exploit.

Scammers typically set up online customer surveys that mimic well-known brands and entice people to complete the survey by offering ‘free gifts’ or vouchers. If a person clicks the link, they will open a legitimate-looking survey form with the spoofed brand’s logo, etc. The survey will trick people into handing over personal data that will be used to carry out further fraud and identity theft.

This type of scam is likely to increase this time of year when we may have made many online purchases as gifts.

Staying safe:

  • Be extra careful over Christmas when agreeing to take a customer survey.
  • Check the email address of the survey sender carefully for signs of phishing.
  • If you do fill out a customer survey, never enter sensitive personal data, such as financial details or national insurance number.
  • Do your homework and check the vendor’s official website to ensure they are sending out customer surveys.

Fake Job Scam

Spoof recruitment scams are here all year round, but Christmas encourages recruitment scammers. In 2020, seasonal job scams increased by 88% over the previous year. Job scams take many forms, but typically the recruiter will ask for payment for DBS checks or advance fees to process an application.

Staying safe:

  • Be aware of tell-tale signs of phishing, such as poor grammar.
  • Does the offer sound realistic? Check out the company’s website the ‘recruiter’ is from – are they actively recruiting?
  • Be wary of providing money to any recruitment firm unless they check out as entirely legitimate after research.

By being wary and knowing how scammers operate, you will be able to have a cyber-safe Christmas and 2023.

Security Awareness Training for Third-Party Vendor

Other Articles on Cyber Security Awareness Training You Might Find Interesting