Black Friday: Prime time for cyber crime

Black Friday Scams - Netstar IT Support London

Black Friday is the biggest shopping day in the calendar, with Brits alone predicted to spend £2.24 billion online this year. Whilst Black Friday can offer some incredible deals, helping to make Christmas a (little) bit more affordable, it also brings with it an increase in cybercrime.

Cyber criminals know people will rush to their computers, mobiles, or tablets to pick up the latest Black Friday deals. So, they devise specific, targeted scams to trick innocent consumers into giving over personal details, enabling them to steal anything from gifts and money to your identity. A total of £6.98 million was lost to purchase scams in the UK in 2020, and this number is predicted to rise for 2021.

Plus, due to ongoing supply chain issues and rumours of “Christmas being cancelled” this year, some gifts are harder to come by. The increase in demand means consumers are more likely to buy impulsively, without thoroughly checking the legitimacy of their purchases.

But don’t worry. We know that increased stress and financial concern is the last thing you need in the lead up to Christmas! This article covers everything you need to avoid Black Friday scams and stay safe online over the festive period.

Our six top tips for avoiding Black Friday scams

Before diving into the specific types of scams circulating, here are our six top tips for staying safe this Black Friday.

  1. Check, double check, and then check again – if someone’s reached out to you via email, phone, or text claiming to be a legitimate retailer, check their contact details are what you’d expect (e.g., without misspellings or grammatical mistakes).
  2. If you don’t remember ordering it, you probably didn’t – if you’re unsure, reach out to the retailer directly to check if/when/what you ordered with them. Don’t click on any links or follow any instructions if you’re suspicious of their legitimacy.
  3. Watch out for fake websites – cyber criminals are genius at replicating legitimate sites and making fake websites look genuine. Check the URL of every website you purchase from. Inconsistencies in spelling, blurry images, and reduced functionality of the site are all tell-tale signs of a fake website.
  4. Avoid deals that are too good to be true – whilst Black Friday does offer good discounts, there are some that are simply too good to be true. Be wary of emails, pop-ups, or social media posts promising rock bottom prices – these could be a scam, waiting to catch you out.
  5. Use strong passwords – your passwords should be at least 10 characters with a mixture of cases, numbers, letters, and symbols. You should also use different passwords across all your accounts, so that if one password is compromised, only one account is also compromised. It can be extremely difficult to remember all your complex passwords for every website, which is why we recommend a password manager as a secure and productive way to keep track of your passwords.
  6. Check your bank regularly – keeping a close eye on your bank statements means you can spot any suspicious or unusual transactions quickly. Cyber criminals know Black Friday will encourage lots of online purchases, meaning suspicious transactions are more likely to be overlooked. Scammers will usually start by taking small amounts out of your account, that may go undetected, before then taking larger amounts out (potentially leaving you penniless!).

5 popular Black Friday scams and how to outsmart them

1. The email confirmation for something you didn’t order

This scam proved particularly popular over lockdown, alongside the increase in online shopping. With Black Friday and Cyber Monday approaching, these scams are set to catch out busy online shoppers once more.

Buying in bulk can make it difficult to keep track of exactly what, where and when you’ve ordered. So, if you receive an email confirmation for an order you don’t remember placing, you might be less likely to dismiss the email as a scam.

These scams emails will often replicate popular retailers like Amazon, asking you to click a link to ‘view your order’. If you don’t remember making this order (which you won’t, because you didn’t), you’ll likely click the link to try and ‘get to the bottom of it’.

If you do click the link, you will be directed to a fake website (designed to replicate Amazon’s legitimate website) and asked to input your personal/financial details – thus handing them over to a dangerous cybercriminal.

How to avoid this Black Friday scam:

  • Stop and think – if you don’t remember ordering something, you probably didn’t.
  • If you’re unsure about the legitimacy of an email, reach out to the business (e.g., Amazon) directly via another channel, such as chat or telephone – they will be able to tell you whether the email was legitimate.

2. The item that never arrives

With online shopping on the rise during the last week of November, you may not notice this scam until later down the line (when you don’t receive the item you ordered). In this instance, you would have ordered something from a scam website, meaning you don’t receive a tracking number or your package, and the retailer is uncontactable.

How to avoid this Black Friday scam:

  • Only shop with reputable brands
  • If you are shopping with someone new, do your due diligence by checking their reviews on Google, Trustpilot, etc.
  • Check their website for a physical address and customer service phone number
  • Check the appearance of their website, including spelling mistakes, odd formatting or design and slow performance – all of these are indicators of an illicit website
  • Only buy from secure websites with an SSL encryption – their URL should start with https, rather than http, with a lock icon displayed in the corner

3. The unsecure public Wi-Fi

On the lead up to Christmas, many people panic-buy items on their mobile phones. Whether that’s trying to get the latest PlayStation on the go, making a last-minute purchase for a forgotten-about relative, or trying to find in-store items online with bigger discounts.

But, beware, using public Wi-Fi often poses many security issues, especially when making financial transactions. This applies to all public Wi-Fi, even those that require a password or log in. If the network is public, it can be easily penetrated by a scammer.

If you buy something online using public Wi-Fi, there is always a chance a cyber criminal is monitoring your activity and recording your payment details. These are called man-in-the-middle attacks and work by exploiting a flaw in the network to intercept traffic going to and from personal devices.

How to avoid this Black Friday scam:

  • Only shop online when using a private Wi-Fi connection, e.g., at home
  • If you absolutely must purchase something when you’re out and about, using mobile data is generally more secure than using public Wi-Fi

4. The fake charity donation

Throughout the festive season, people tend to give to those less fortunate, either via personal donations, fundraising, or by giving charitable donations as gifts. Unfortunately, cyber criminals are also on hand to exploit this generosity by setting up fake charities to donate to.

How to avoid this Black Friday scam:

  • Take the time to research the charity you’re going to donate to
  • There are plenty of resources to help verify the legitimacy of a charity. For example, Charity Navigator allows you to search for certified charities. It also has a gift basket feature that allows you to donate to multiple charities at once

5. The WhatsApp message

Another popular Black Friday scam is when a cyber criminal impersonates your friends or family, sending you a scam message (often via WhatsApp) containing an unreliable link.

Usually, this scam is easy to spot, and most people would ignore messages like this because our friends and family rarely send us spam links out of the blue. However, at this time of year, cyber criminals often position the link as an incredible Black Friday deal that cannot be missed. In this case, it’s more plausible that our loved ones might send us messages like this. In fact, it’s quite nice to know they’re thinking of us when browsing the sales.

However, if you do receive a message like this from a scammer, clicking on the link is a very serious security concern. These links can be used to unleash malware, direct you to fake websites (designed to look like legitimate retailers), and gather your personal details.

How to avoid this Black Friday scam:

  • If you receive random links out of the blue, double check the identity of the sender – check their number, their profile picture, and whether you have any conversation history with them
  • If in doubt, reach out to them directly via another channel, e.g., landline or Facebook messenger

Next steps

We hope these tips will help you stay vigilant online this November, protecting you from Black Friday and Cyber Monday scams.

To learn more about our Cyber Security Services click here.

Or for an overview of the cyber security risks you face and how to protect against them, you can download our definitive guide to protecting your data.


Netstar IT Support London - Cyber Security eBook

Since the increase in remote working, cyber-attacks have risen dramatically.

Complete the short form below to get your free eBook on how to secure your business.