Black Friday and Cyber Monday are now as much about online fraud as they are about discounts. Criminals track the same calendar that retailers do. When people expect flash sales, emails from couriers, and new online stores, it becomes easier to slip a fake one into the mix.
In 2024, the FBI’s Internet Crime Complaint Center received 859,532 reports of internet crime and recorded losses of more than 16 billion dollars, which was a 33 percent jump from 2023. That was the biggest annual loss the bureau has ever published .
The US Federal Trade Commission reported a similar trend. Consumers told the FTC that they lost more than 12.5 billion dollars to fraud in 2024, a rise of 25 percent from the previous year. One in three people who reported fraud said they actually lost money, and more than 3 billion dollars of those losses started online. That includes fake shops, fake ads, and payment scams that are very common during holiday shopping.
Europe is seeing the same pattern. The UK’s fraud service said reports of hacked social media and email accounts rose to 35,434 in 2024, up from 22,530 in 2023. The National Cyber Security Centre also said that by April 2025, people in the UK had already reported more than 41 million suspicious emails and texts, which shows how much phishing is still used to begin shopping scams.
In 2025, regulators in the UK warned again that impersonation scams were growing. The Financial Conduct Authority said it had already received almost 5,000 reports of fake FCA scams in the first half of the year. That kind of impersonation is relevant to Black Friday because criminals often pretend to be banks, delivery companies, or even regulators to make a fake payment request look legitimate.
Below is a guide for regular shoppers on what to look for this Black Friday and Cyber Monday, and how to shop safely without losing time or money.
Watch for fake stores and copycat domains
The most common holiday scam is still the fake online shop. Criminals register domains that look almost identical to known brands and fill them with product photos stolen from real sites. Prices are a little lower than normal but still believable, which makes people think they have found a limited sale. These sites often vanish a few days later.
What to check:
- Type the retailer’s address yourself. Do not follow a link in a message.
- Look for a real company address and proper returns information on the site.
- Be careful with domains that add words like “sale”, “outlet”, “deal”, or change only one letter in the name.
- Pay by credit card, not bank transfer. Cards give you better dispute rights. Europol also recommends sticking to secure and trusted payment platforms for seasonal shopping.
- If the website asks for a bank transfer to “lock in” a deal, leave it. This is a common sign of a throwaway store.
Expect delivery and refund scams
During Black Friday, people receive several packages. Criminals know this and send text messages that say a parcel could not be delivered or a fee is due. The link goes to a fake courier page that collects card details. Real delivery companies do not ask for full card numbers or bank logins to redeliver a parcel. If you are unsure, go to the courier’s real website through a saved bookmark or the retailer’s order page.
The same applies to refund emails. A message that says “your order has been cancelled, click here for a refund” is meant to make you click fast. Always look up the order in your real account first.
Social media deals are high risk
Action Fraud and other European agencies keep warning that account takeovers are rising. Criminals hijack a social media account and then post a limited-time sale or send a shopping link to everyone in the contact list. People click because the message comes from someone they trust. In 2024, nearly one million pounds were lost in the UK to hacked social media and email accounts.
If a friend suddenly becomes a reseller of designer goods, verify on another channel. If a brand is selling only through Instagram DMs, search for the brand independently. Real retailers do not ask you to pay through friends and family transfers.
Phishing is still the entry point
The FBI report shows that phishing and related social engineering remain among the top reported internet crimes. Phishing is used because it works on every device and every age group. Holiday phishing emails often impersonate well-known stores, streaming services that run seasonal offers, or even government offices that say they detected suspicious activity on your account.
Signs of a holiday phishing attempt:
- The message pushes you to act now because the price ends today.
- The link points to a domain that does not match the brand.
- The email asks for full card numbers or one-time passcodes.
- The sender’s address is a personal mailbox.
Report these messages and delete them.
Look out for buy-now-pay-later abuse
Holiday scams are no longer only about taking your card number. Criminals also use stolen personal data to open credit or buy now pay later accounts in the victim’s name. That is why Poland told citizens to block their national ID numbers after a recent loan platform breach . If you get an unexpected approval or rejection for credit during the shopping period, contact the provider at once. Identity data is valuable during Black Friday because people spend more and review statements less often.
Safe practices for regular shoppers
- Keep accounts locked down. Turn on two-step verification for email, for your main shopping account, and for payment apps. UK police noted a sharp rise in hacked accounts in 2024 and said that two-step verification would have stopped many of those cases. If a criminal controls your email, they can reset every store password and place orders in your name.
- Use cards, not direct transfers. Credit cards and some debit cards offer chargeback rights. Direct bank payments, gift cards, and crypto transfers are the top payment methods for fraudsters because they are harder to reverse, which is also echoed in Europol’s holiday guidance.
- Check URLs on mobile. Many people shop from a phone where addresses are shortened. Expand the address bar before you pay. A large part of seasonal fraud works only because people cannot see the full domain.
- Update devices before you shop. An outdated browser or phone is more exposed to drive-by or form-stealing malware. Install security updates before the shopping period.
- Monitor statements in real time. During Black Friday and Cyber Monday, people make many small purchases. That noise can hide fraudulent charges. Turn on bank or card alerts for every transaction. If you see a 1-dollar or 1-euro test charge from an unknown merchant, contact your bank.
- Teach family members. Many victims in 2024 were older adults. The FBI said people aged 60 and above reported losses of nearly 5 billion dollars in 2024. Tell parents and grandparents that no retailer or bank will call or text to confirm their card number during a sale. Hang up and call the number on the back of the card instead.