It’s that time of the year again when shoppers get ready to take advantage of the upcoming Black Friday and Cyber Monday sales. It’s also the time of the year when cyber criminals seek to take advantage of those bargain hunters.

Black Friday scams are on the rise

According to the UK's NCSC, British shoppers lost over £11 million to cyber criminals during last year’s festive shopping period, with clothing, high-end tech products and cars among the most common products cited. Across the Europe it was a similar picture as cyber criminals make the most of eager shoppers seeking a deal. 

Social Media: A Hotbed for Scams

The data reveals that over half of the reports (51%) mentioned a social media account, indicating that platforms like Tiktok, Instagram, and X are increasingly becoming the venues for shopping and auction fraud. The convenience  of social media shopping options make them attractive but also perilously vulnerable to fraudulent activities. Social engineering attacks are also launched via these platforms with scammers often gleaning the personal information of their targets from them.

Key Threats for Businesses

Phishing Attacks

Phishing campaigns are especially rampant during the Black Friday period, often disguised as urgent emails about sales, shipping issues, or account alerts. With employees distracted by holiday workloads, the likelihood of someone clicking a malicious link increases.

Fake Websites and Marketplace Fraud

Action Fraud reported that nearly 19% of online shopping fraud involved fake online marketplaces. For businesses, this translates to potential brand impersonation, where cybercriminals set up websites mimicking legitimate businesses to steal customer data and revenue.

Supply Chain Attacks

Vendors and third-party providers face the same seasonal pressures, making them susceptible to breaches that can ripple through the supply chain. For instance, a compromised logistics partner could delay deliveries or expose sensitive operational data.

The Emerging Threat of AI in Cyber Scams

One big change this year is the rise of generative AI tools like ChatGpt.

The National Cyber Security Centre (NCSC) has raised concerns that fraudsters are increasingly leveraging the technology to enhance their deceptive tactics. This year, with AI rarely being far from mainstream discourse, the NCSC warns that the malicious use of AI will intensify, particularly in crafting more convincing scam emails, fake adverts, and bogus websites.

The integration of AI into cyber scams represents a significant escalation in the sophistication of these threats. AI's ability to generate realistic and professional-looking content means that even the most vigilant and cyber-savvy individuals can be easily duped. These AI-generated scams can be produced at an unprecedented scale, making it a challenge to distinguish between legitimate and fraudulent communications.

For businesses, this means that the risk of data breaches and financial fraud is not only heightened but also more difficult to detect and prevent. The convincing nature of AI-generated content can lead to increased instances of phishing attacks, where employees might inadvertently divulge sensitive information or grant access to secure systems.

Consumers, on the other hand, face the risk of encountering highly realistic fake online storefronts and advertisements, created by AI to mimic legitimate Black Friday and Cyber Monday deals. These fake platforms can be almost indistinguishable from authentic ones, leading to increased chances of financial loss and identity theft.

Who's Most at Risk?

Interestingly, according to the NCSC data the age group most susceptible to these scams is 25–34 year olds, closely followed by those aged 35-44 and 18-24. This demographic, often considered tech-savvy, is at the forefront of digital shopping trends, making them prime targets for sophisticated online scams.

How to Protect Yourself

Be Wary of Social Media Deals: Given the prevalence of scams on social media, it's essential to verify the legitimacy of deals and sellers on these platforms.

Double-Check URLs and Websites: Before making a purchase, ensure the website is legitimate and secure. Look for HTTPS in the web address and be alert for any misspellings or oddities in the URL.

Use secure payment methods: Opt for credit cards or payment services for better protection against fraud.

Update your security software: Keep your antivirus software and devices updated to protect against the latest threats.

Avoid Public Wi-Fi for Transactions: Public Wi-Fi networks are less secure, making them risky for online shopping.

Regularly monitor your financial statements: Keep an eye on your bank and credit card statements for any unauthorised transactions.

If you are worried about cyber threats or need help in improving your organisation’s visibility please  get in touch to find out how you can protect your organisation.