The holiday shopping season is right around the corner, and you may be gearing up to take advantage of major deals on Black Friday and Cyber Monday. While these are prime opportunities to score discounts on wish list items, the shopping frenzy unfortunately attracts scammers hoping to prey on unwitting consumers.
According to the FBI’s Internet Crime Complaint Center (IC3), $4.1 billion was lost to online shopping fraud in 2020. That‘s a staggering increase of 69% from 2019.
So how do you make sure you protect your personal and financial information? Let’s explore some of the most common Black Friday scams to be on guard against, with tips to help you avoid getting duped.
Top 10 Black Friday Scams to Watch Out For
While old-fashioned phishing attacks still happen, scammers are getting more creative with how they try to steal your money and information. Here are 10 popular new tricks fraudsters use:
1. Fake Coupons and Vouchers
Who doesn’t love a good coupon or discount code during the holidays? But not all deals are as sweet as they seem.
Bogus coupon sites entice you to enter your email or other personal details to receive an online promo code. But it’s a ploy to obtain your information, redirect you to shady third-party websites, or install malware on your device.
According to the Better Business Bureau, fake voucher scams rose by over 100% in 2021, frequently targeting Facebook users.
How to avoid: Only use coupons from reputable retailers’ own websites or apps. Be wary of unsolicited promotional codes, and don’t enter your personal information on unfamiliar sites.
2. Spoofed (Fake) Shopping Websites
Through a practice called domain spoofing, scammers create counterfeit websites impersonating legitimate online retailers. The fake site looks eerily similar to the real one—only the URL gives it away.
Spoofed sites aim to steal financial information or install malware. In 2021, the FBI reported a spike in complaints about spoofed websites, with $44 million lost to these online shopping scams.
How to avoid: Carefully check the domain name, which for a spoofed site will slightly differ from the actual brand‘s official website. Look for the “https” and padlock icon indicating a secure connection before entering any information.
3. Account Verification Scams
Don’t be fooled by urgent emails or texts claiming there’s a problem with your account that requires you to verify personal information. This “phishing” scam aims to trick you into sharing passwords, Social Security numbers, or financial details.
A 2022 AARP survey found only 31% of adults could correctly identify that retailers will not contact you this way for account support. Scammers are preying on this lack of awareness.
How to avoid: Look closely at the sender’s email address or domain—is it slightly odd? No legitimate company will request sensitive information via email or text. When in doubt, contact them directly through their official website or app.
4. Fake Shipping Notifications
You shopped some amazing Cyber Monday deals, so naturally you’re anxiously awaiting those shipping confirmations. Scammers leverage this anticipation with phishing texts or emails about a package delivery.
They’ll include a link prompting you to fill in personal details to finalize the delivery—opening the door for identity theft. Or the link downloads malware to your device.
This “smishing” scam spiked during the 2021 holidays, according to cybersecurity firm Zimperium. Surprisingly, shipping scams mainly targeted younger adults under 35.
How to avoid: Never click links about package tracking from an unknown sender. Confirm deliveries directly with the retailer, or check the shipping provider’s website.
5. Fraudulent Order Confirmations
More eager anticipation of holiday packages makes it easier for scammers to trick you with fake order confirmations.
A phishing email or text might claim payment for an item was processed. But you’ll notice the retailer sounds unfamiliar because you never actually placed an order!
The fake confirmation will ask you to click a link to cancel the purchase—sending you to a phishing site or malware download.
How to avoid: Verify any suspected fake charges directly with the retailer, bank, or credit card company. Don’t rely on account details in an email.
6. The Non-Delivery Scam
Imagine finally scoring that hot ticket item online, only for it to never show up. With this scam, you won’t receive the order confirmation after purchasing or get any shipping details. The seller disappears with your money in hand!
In 2021, the FBI reported that victims of online shopping scams lost $56,000 on average—and that‘s just reported cases. Many more non-delivery scams go unreported each year.
How to avoid: Only use reputable retailers and be very wary of independent websites with deals that seem too good to be true. Pay with a credit card whenever possible for added protection.
7. Fake Billing Error Scams
Don’t fall for phishing emails about a billing error for an order you never placed. They may claim you need to verify payment details or provide sensitive information to clear up the “accidental” charge.
Other times, scammers send a fake invoice and hope the urgent tone prompts you to pay it without carefully checking that it’s fraudulent.
The Internet Crime Complaint Center warns these types of holiday cons have been on the rise in recent years.
How to avoid: Look up the company directly to verify any billing discrepancies. Don’t reply to the email or open any attachments. Only provide information through official channels on the retailer‘s website.
8. Gift Card Scams
Who doesn‘t love giving and receiving gift cards during the holidays? Scammers leverage our fondness for gift cards by requesting them as payment for online purchases that never arrive.
Or they may send a phishing email with links claiming to reactivate your card—instead stealing the gift card number and PIN for their own use.
Losses related to gift card fraud spiked by 102% in 2021 over the previous year, according to the Internet Crime Complaint Center.
How to avoid: Only buy gift cards directly from the merchant, or purchase from secure displays at trusted retailers. Register your card ASAP, and never share the numbers in an email or text.
9. Fake Charities
‘Tis the season for giving back! But beware of fake charities trying to pull heart strings with phishing messages asking for donations.
They impersonate and use slight variations of real charity names. Or rely on lookalike branding and messaging to appear credible. But donated funds actually go right into the scammers’ pockets.
Nearly 40% of people give money to a charity without vetting it first, per a 2019 survey from personal finance site Finder—that‘s a lot of potential victims.
How to avoid: Be proactive by looking up any unfamiliar charitable organizations on sites like Charity Navigator and the BBB before donating. Reputable nonprofits will happily answer questions about how they utilize donations as well.
10. Social Media Shopping Scams
Social networks like Facebook and Instagram are hotbeds for online shopping scams:
- Fake listings for discounted luxury goods or “hot” toys
- Posts mimicking real ads to phish for your info
- Links to malicious sites disguised as deals
A common scam lately involves Google Voice verification. A “buyer” asks you to confirm your social media marketplace sale is legit by sharing the Voice code they texted. But it allows them to use your number for fraud!
How to avoid: Always verify social media sellers through reviews, and only purchase items via secure checkout on retailer websites—not through direct messaging.
12 Tips to Avoid Black Friday Cyber Scams
Now that you know the most prevalent online shopping scams to watch for, here are pro tips to make your holiday buying secure:
1. Research Before You Buy
Before clicking checkout, Google search the company selling the product along with words like “reviews,” “scam,” or “complaints.” This helps surface any red flags.
Checking review sites can also give you an impartial look at potential fraud risks or bad business practices.
2. Verify the Seller’s Legitimacy
Take a few minutes to look up the domain registration, corporate address, customer service contact info, and other details about an unfamiliar seller.
Search the BBB and fraud database sites to confirm other customers haven’t reported rip-offs.
3. Only Shop on Secure Sites
Always stick to reputable online retailers you know, and triple check the URL starts with “https” and shows a padlock icon. This verifies website security and encryption.
Bookmark or save your favorite shopping sites to ensure you access legitimate domains and avoid spoofs.
4. Never Shop or Link from Social Media
It’s safest to only purchase items through official retailer websites, not via social media ads or marketplace listings. Ignore enticing offers in posts—they’re likely scams.
Also resist clicking links in social media messages about deals. Go directly to a retailer’s website to find any promotions.
5. Beware of Phishing Lures
Don’t trust unexpected texts or emails about your order status. Fake delivery alerts and prompts to verify account details are phishing ploys for stealing personal information.
Contact companies directly through their official website or app if you have any order inquiries.
6. Use Secure Payment Methods
Pay only through legitimate checkout processes on encrypted retail websites. Never provide card details via email, text or direct messaging.
For optimal financial protection, use credit cards when shopping online rather than debit cards or services like wire transfers.
7. Keep Device Security Up-to-Date
Make sure you have antivirus software installed. Only download apps from official sources like the Apple App Store or Google Play.
Keep software updated and turn on automatic updates where possible, since patches fix important security vulnerabilities.
8. Don‘t Use Public Wi-Fi for Shopping
Avoid accessing payment info or logging into accounts over public Wi-Fi. The network traffic can be visible to cybercriminals.
If you need to shop on public Wi-Fi, use a virtual private network (VPN) to encrypt your connection and transactions.
9. Create Strong, Unique Passwords
A password manager helps you store unique, complex passwords for all your online accounts. This is vital since reusing passwords heightens fraud risk.
Enable two-factor authentication whenever possible as well, for an extra account security layer.
10. Monitor Financial Accounts and Billing
Keep close tabs on your financial accounts and watch for any unauthorized charges. Report any suspicious transactions to your credit card issuer or bank ASAP.
Consider signing up for account alerts to stay on top of activity. Checking your credit reports periodically is smart too.
11. Avoid Public Computers for Shopping
Be cautious when accessing online accounts from public devices like library or hotel business center computers. You don’t know if malware was installed to steal credentials and financial data.
If using a public computer is unavoidable, at least avoid logging into financial accounts or entering any sensitive information.
12. Don‘t Shop Over Public Wi-Fi
Public Wi-Fi is risky for online shopping because it allows cybercriminals to potentially view your internet activity and sensitive data. If you need to shop on public Wi-Fi, use a virtual private network (VPN) to keep your connection encrypted and obscure your online transactions from prying eyes. Stick to cellular data or private Wi-Fi whenever possible.
What To Do if You’re the Victim of a Black Friday Scam
If you discover that a scammer has duped you this holiday shopping season, stay calm and take these steps to limit damage:
- Monitor statements closely: Watch all financial accounts used to make purchases for any fraudulent transactions. The sooner you spot something fishy, the better.
- Alert relevant institutions: Notify your credit card issuer and bank immediately about any unauthorized charges or suspicious activity. They can freeze accounts, reverse payments and take other damage control steps.
- Report cases of fraud: File reports about any scams or identity theft with the FBI’s Internet Crime Complaint Center. Also notify the Federal Trade Commission and your state attorney general’s office.
- Change passwords: If you shared sensitive login credentials with a phishing scam site, update passwords and security questions for those accounts right away.
- Run security scans: Make sure security and antivirus software is fully updated, then perform full scans to check for any malware that may have been downloaded onto your devices.
- Consider a credit freeze: Placing a credit freeze restricts access to your credit file so no new accounts can be opened without your authorization. This is especially important if you‘re at risk for synthetic identity fraud.
- Sign up for monitoring: Security software with dark web monitoring features can alert you if your information appears for sale illegally online. Monitoring helps detect fraud early.
Shop Safely and Save Smart
While online shopping delivers convenience, it also carries enhanced risks—especially during high-volume holidays like Black Friday. But you can foil the cyber Grinches‘ schemes to steal Christmas by staying vigilant against the dirty dozen scams.
Follow cybersecurity best practices, trust your gut instincts, and avoid deals that seem just a little too good to be true. By understanding the latest fraudster tricks, you can stick to the “nice” list this holiday season and protect your hard-earned money.
Here’s wishing you happy holidays and safe shopping!