One in four people admitted to being targeted last festive season and of those, 37 per cent said the scam came from social media, according to research from cybersafety product Norton.
Three in five Australians are worried about falling victim to cybercrime this festive season, with more than half expressing concerns about AI shopping scams, the poll found.
Norton managing director Mark Gorrie told 9news.com.au retail scams were getting more prevalent every year, especially in the lead-up to Christmas when people's "concerns and desires" were preyed on.
Gorrie said the rising cost of living was increasing scammers' success as people were shopping around for the best deals.
"We start to see fake retail sites, fake classified listings, just offers too good to be true," he said.
"So whether it was smartphones or gaming consoles... there wasn't a lot of supply and so that's where we start to see fake listings.
"People jump on it thinking, 'Great I'm going to be able to secure this gift', but it was a fake."
Aussies share the strange items they have been sent by scammers
Scammers also take advantage of people's generous spirit through charity scams.
Gorrie said AI was helping scammers reduce their spelling and grammatical mistakes, which used to be an easy way to spot a scam.
"I think the quality of scams is actually getting better and that makes it harder for people to identify, 'Is that a scam or is it a real message?'" he said.
"It's really those common things that people use regularly that is what makes them read or be prepared to click on something."
How to avoid Christmas scams
Gorrie's advice is to stick with familiar, trusted websites.
"In terms of good digital hygiene, don't click on those links and attachments in emails, text messages from unknown sources because it can lead you to give up your personal information or get subjected to malware passwords," he said.
He warned Australians to have strong passwords that were not used on multiple accounts.
"So if you have been caught out on a phishing scam and they've given up your credentials for one particular site, you are not using that same password on other services so you always want to make sure they're unique," he said.
"Make sure your devices are updating the apps to protect from vulnerabilities, (have) comprehensive security software on all your devices and use two-factor authentication on accounts."
Australians lost $429 million to scams in the first 10 months of the year, according to government organisation Scamwatch.
Of that, $92 million was taken in impersonation scams, including through scammers duping people via impersonating brands, recruitment companies, government and family or friends.