Arrow back

The cyber risks of the Black Friday & Cyber Monday sales

26 October, 2023

Black Friday and Cyber Monday are the perfect opportunities to grab someone special a unique gift at a discount.

However, it's also prime time for scammers.

The rush to purchase presents under time pressure can also leave you more vulnerable, making you or your loved ones an easy target for cyber scams.

With the Black Friday sales fast approaching, it's important to be aware of the potential cyber risks to stay safe online.

This blog will highlight the scams that may emerge and what you can do to stay safe while online shopping.

Let’s get into it.

Recognising cyber threats

Phishing attacks:

During the Black Friday sales, we often see an increase in phishing emails. Cybercriminals impersonate trusted brands, enticing you to click on malicious links or provide sensitive information.

For example, an ‘’ offer for iPads at outstandingly low prices.

Be cautious of unexpected email offers and verify their email addresses, also remember to pay close attention to spelling.

You’ve heard the saying, if it seems too good to be true it probably is! If you are unsure, you can look a company up on the Better Business Bureau website, and check their Scam Tracker for any reported issues.

Being vigilant with your emails allows you to benefit from genuine discounts and steer clear from the scams.

Fake websites:

Ever been on a website and thought something about it seemed a little off? Be aware of fake websites; hackers often create close clones of popular sites to trick users into handing over sensitive information or their hard-earned money.

Scammers typically start by copying the layout and design of a legitimate retailer's website, making their fake site appear convincing at first glance.

They may also use domain deception, registering web addresses that closely resemble those of well-known brands.

These fake websites often dangle enticing offers that appear too good to pass up, drawing in unsuspecting shoppers.

Additionally, some of these deceitful sites may distribute malware. Clicking links or downloading files from them can infect your device with malicious software.

Staying informed and vigilant is your best defence against these online tricks, especially during events like the Black Friday sales.

Fake mobile apps:

Scammers create fake shopping apps that mimic popular brands. These apps can be found on unofficial app stores or through deceptive links.

Downloading these apps could lead to malware infections or theft of your personal information.

Stick to official app stores and read reviews before downloading any apps. Sometimes scammers will post fake reviews on their app to make it appear legitimate, so check the dates of reviews goes a long way.

Third-party sellers:

When purchasing from online marketplaces, exercise caution with third-party sellers.

Some sellers may not be as reputable as they appear, potentially leading to fake or flawed products.

Check reviews and seller ratings, and try to purchase from established retailers.

Social media scams:

Social media is a powerful tool for scammers.

They can dangle enticing offers or extravagant contests with the promise of winning valuable prizes.

However, it's essential to remember that the price of these so-called "prizes" might be your valuable personal information, as scammers may request certain details to enter.

How to stay safe on Black Friday and Cyber Monday

Now that you're aware of the potential cyber risks and the scams that could crop up during the sales, here are 10 practical steps to keep yourself safe:

  1. Verify website URLs: Always double-check the web address before making a purchase. Make sure it matches the retailer's official website. Cybercriminals often use similar but slightly altered web addresses to trick shoppers.
  2. Look for 'https://' and the padlock symbol: Ensure the website you're using has 'https://' in the address bar, along with a padlock symbol. This indicates a secure connection and protects your data during transactions.
  3. Check for verification: When following deals or promotions from social media accounts, look for a verification badge on their profile. This confirms their authenticity. Beware of impersonators who lack this verification.
  4. Verify email offers: Don't be tempted by unexpected email offers that seem too good to be true. Before clicking on any links or sharing personal information, verify the sender's email address and double-check the spelling. Scammers often use slight variations to mimic legitimate brands.
  5. Official apps and websites: Stick to official app stores and trusted websites when purchasing or downloading apps. Read reviews and ratings to ensure you're dealing with reputable sources.
  6. Two-factor authentication: Whenever possible, enable two-factor authentication (2FA) for your online shopping accounts. This additional layer of security ensures that even if your login details are compromised, your account remains protected.
  7. Bad spelling and writing: Real websites use proper words and sentences. If you see lots of mistakes, it's likely a fake website.
  8. Blurry pictures: Genuine shops use clear pictures of their products. If the pictures are blurry or look otherwise strange, it's a warning sign that the website might be fake.
  9. Beware of overly aggressive pop-up ads: Scammers often use aggressive and persistent pop-up ads that claim you've won something or offer unbelievable discounts. Legitimate websites typically don't bombard you with constant pop-ups. If it seems too intrusive or too good to be true, it's likely a scam. Close the pop-up and continue your shopping on trusted websites.
  10. Stay informed: Keep yourself informed about common online scams and cybersecurity best practices. Being aware of potential threats empowers you to recognise and avoid them.

How Bob’s Business can help your team build cyber awareness

Cyber deals can be attractive, but if your employees get trapped in online scams during these events, it can impact your company's cybersecurity.

Some employees might not be too cautious with their passwords, and when their personal and work data blend, it poses a security challenge, especially for those who work remotely.

Bob's Business is here to help with our cybersecurity awareness eLearning training, ensuring your employees can identify and address online threats efficiently and effectively.

We also offer tailored solutions to suit your unique business blindspots - Why not click here to explore our courses designed to ensure the safety and security of your business?

And happy shopping!

Back to resources

Ready to build your cybersecurity culture?

Whether you’re looking for complete culture change, phishing simulations or compliance training, we have solutions that are tailor-made to fit for your organisation.

Girl with laptop
Boy with laptop
man and woman with laptops
Global Cyber Alliance