Criminals have been planning for months. Traps are laid, traps are set, and now all they have to do is wait for the clicks.
Tomorrow is expected to be the busiest shopping day of the year, but it’s also the most dangerous for online shoppers. Fake deals, phishing attacks and fake websites are currently taking over the internet as scammers look to cash in on the sales frenzy. black friday.
Cyber security professionals are increasingly referring to it as “Black Fraud Day” due to the increasing number of people falling victim to scams, and this year’s edition is expected to be one of the worst.
Attacks can take many forms: fake delivery texts with obscure links, spam emails that offer really good deals, and fake online ads that impersonate popular retailers.
Hackers are also using artificial intelligence tools to automate attacks, making it even more difficult to detect threats.
Dr Megha Kumar, product manager at data protection firm CyXcel, said: “Fraudsters are targeting deal hunters with more sophisticated scams, sometimes built using artificial intelligence, making them harder to detect. Independent.
Fraudsters exploit the increase in transaction volume by creating fraudulent offers, often luring unsuspecting buyers to fake e-commerce sites where their payment details are compromised.
These fake websites mimic the online storefronts of legitimate retailers, and trick shoppers into visiting them through deceptive ads and promotional social media posts. They are designed to steal people’s credit card information or even their entire online identity. Developed using new artificial intelligence tools, they are difficult to distinguish from real tools.
Data from security platform NordVPN shows that fake Amazon storefronts have increased by more than 200 percent in recent days, and fake eBay sites have increased by more than 500 percent.
Get 64% off Proton VPN
Servers in more than 120 countries
Connect up to 10 devices
30 days money back guarantee
Get the deal
Advertising. If you sign up for this service, we receive a commission. The proceeds help fund journalism across The Independent.
Get 64% off Proton VPN
Servers in more than 120 countries
Connect up to 10 devices
30 days money back guarantee
Get the deal
Advertising. If you sign up for this service, we receive a commission. The proceeds help fund journalism across The Independent.
“Many of these sites are almost indistinguishable from the real thing,” said a NordVPN spokesperson, adding that “persuasive payment pages are designed solely to collect personal information and payment.”
According to a recent survey of more than 30,000 people from 185 countries, the majority of people (68%) are unable to identify fake websites.
Malicious links embedded in emails are also on the rise, driving shoppers to these scam stores. According to cybersecurity firm Darktrace, phishing emails targeting Black Friday shoppers have increased by more than 620 percent.
UK Finance’s annual fraud report 2025 found that such scams are increasingly effective, with total fraud losses reaching £1.1 billion last year.
Another trick could be from retailers themselves, who raise prices in the weeks leading up to Black Friday to offer artificial discounts when the day arrives. One way to check for such sales is through price tracker sites like PriceLasso or CamelCamelCamel, which allow you to check a product’s price history to see if it’s really a good deal.
Security experts and consumer watchdogs advise being vigilant during Black Friday and Cyber Monday sales: double-check URLs, be suspicious of emails and texts claiming to be from vendors or delivery services, avoid shopping on public Wi-Fi and monitor bank transactions.
With increasingly sophisticated techniques to bypass phishing and email ad detection systems, industry figures say vigilance is the key to staying safe online.
“It’s not just about identifying malicious links, it’s about rewriting behavior,” said David Higgins, CTO of software company CyberArk.
Every year, phishing attacks continue to be the leading cause of fraud because they exploit human instinct, and no technology can fully compensate for a moment of misplaced trust.
“Cybersecurity is as much a cultural issue as it is a technical issue. True resilience comes from combining strong identity controls with a culture that encourages people to pause, question and confirm before they click.”
The following article is an excerpt from independentQ Indy Tech Newsletter. To register, just enter your email address in the box at the top of the page.
