21 November 2024
Black Friday is one of the most eagerly anticipated shopping events of the year, offering consumers the chance to purchase a wide range of items from a variety of retailers at significantly reduced prices in the run up to Christmas. However, Black Friday week (also including Cyber Monday) also presents an opportunity for cyber criminals and scammers to exploit unwary shoppers, leading many in the IT/Cyber industry to now refer to the annual event as “Black Fraud Day.”
During the seasonal shopping period last year (2023), consumers lost more than £11.5m due to online fraud, with Black Friday and Cyber Monday being prime times for fraudulent activity. As we approach the 2024 Black Friday sales, it's crucial to understand how these scams operate and how you can protect yourself.
Fake Websites: Scammers and cyber actors set up counterfeit online stores that mimic those of reputable retailers. These sites often have URLs that are slightly misspelt or have additional words. In 2019, there was a 15% increase in fake retail websites during Black Friday.
Phishing Emails and Messages: Phishing emails, text messages, and even WhatsApp messages may prompt you to click on malicious links or provide personal information under the guise of confirming orders or winning prizes. The UK experienced a 65% increase in phishing attacks during the Black Friday period in 2020.
Unbelievably Low Prices: “If it seems too good to be true, it probably is.” Extremely low prices on sites such as Amazon, eBay, Facebook Marketplace, and others can be a big red flag for counterfeit or even non-existent products.
Social Media Ads: Scammers use social media platforms to advertise fake products or direct users to fraudulent websites. Over £2 million was lost through social media scams during the holiday shopping season in 2020.
Gift Card Scams: Offers of free gift cards in exchange for personal information or participation in a survey are often traps to steal your data. However, for businesses who often gift these gift cards to employees, cyber criminals are targeting accounts/finance departments in complex identity impersonation social engineering phishing attacks to trick them into purchasing and handing over hundreds (even thousands) of pounds in gift cards.
Check the URL: Ensure the website address begins with https:// and look for a padlock 🔒 icon in the address bar.
Verify the Website: Be cautious of sites with misspellings, replacement characters (such as 0 instead of o), or extra words/characters in the domain name.
For example, amazon.shopforcheapdeals.com is not amazon.co.uk/blackfriday/
Avoid Clicking Links: Do not click on links from emails or messages you weren't expecting. Instead, visit the retailer's website directly.
Watch Out for Urgent Language: Scammers often use phrases like "Act Now!" or "Limited Time Offer!" to pressure you into quick decisions.
Credit Cards Over Debit Cards: Credit cards offer more consumer protection against fraud.
Avoid Direct Bank Transfers: Never transfer money directly to a seller's account unless you are certain of their legitimacy.
PayPal: Whilst paying via PayPal is generally considered a secure form of payment for their buyer protection policies, do not pay for items using PayPal’s “Friends & Family” transfers as these do not afford the same levels of protection.
Minimal Information Required: Legitimate retailers won't ask for personal information unrelated to your purchase.
Beware of Overly Intrusive Forms: If a website requests your National Insurance number or other sensitive (or family) data, it's likely a scam.
Research the Seller: Look for customer reviews on multiple platforms; also make sure to use official links via Google/Bing search rather than those communicated via email.
Be Sceptical of Flawless Reviews: An absence of negative or even constructive feedback can be a sign of fabricated reviews, especially if a business has received a lot of reviews in a similar time period.
Regularly Check Bank Accounts: Keep an eye on your bank and credit card statements for unauthorised transactions.
Set Up Alerts: Enable notifications for transactions above a certain amount. Also, be weary of messages or emails about alerts; always refer to your banking app or official website.
Use Strong, Unique Passwords
Create Complex Passwords: Use a mix of letters, numbers, and special characters; also ensure that passwords are a minimum of 12 characters long.
One Password, One Service: Different accounts should have different passwords to minimise risk.
MFA/2FA requires two or more forms of verification, making it harder for scammers to access your accounts.
Stay Informed
Follow Trusted Sources: Keep up with news from consumer protection agencies and cyber security experts such as ourselves. News apps such as Apple News & Google News will even allow you to follow and be alerted to topics.
Educate Friends and Family: Share this information about scams to help others stay safe.
Black Friday should be an enjoyable time for many to find great deals on items that you've been eyeing all year or some great prices on Christmas gifts. However, the increase in holiday scams and cyber attacks means that shoppers need to be more vigilant than ever against these evolving threats. While practicing safe shopping is more important to consider now, it is something that you should always be cautious of.
Stay safe and happy shopping!
    Help Desk