How Black Friday became the most dangerous day on the internet

1. Tech

Fraudulent deals, phishing attacks and AI-generated websites are plaguing online shoppers on what has become known as ‘Black Fraud day’

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Sign up to our free IndyTech newsletter

I would like to be emailed about offers, events and updates from The Independent. Read our Privacy notice

Criminals have been plotting for months. The traps are laid, the snares are set, and now all they have to do is wait for the clicks.

Tomorrow is expected to be the busiest shopping day of the year, but also the most dangerous for online shoppers. Fraudulent deals, phishing attacks and fake websites are already plaguing the internet as scammers look to capitalise on the sales frenzy that is Black Friday.

Cyber security professionals are increasingly referring to it as ‘Black Fraud Day’ due to the growing number of people falling victim to scams, with this year’s edition expected to be one of the worst yet.

Attacks can come in many forms: fake delivery texts with dodgy links, unsolicited emails offering too-good-to-be-true deals, and bogus online adverts impersonating popular retailers.

Hackers are also taking advantage of artificial intelligence tools to automate attacks and make threats even more difficult to spot.

“Fraudsters are targeting bargain hunters with increasingly sophisticated scams, sometimes crafted using AI, making them harder to detect,” Dr Megha Kumar, chief product officer at data protection firm CyXcel, told The Independent.

“Scammers take advantage of the increased volume of transactions by creating fraudulent offers, often luring unsuspecting shoppers to fake e-commerce sites where their payment details are compromised.”

These fake websites mimic the online storefronts of legitimate retailers, tricking shoppers to visit them through enticing ads and promoted posts on social media. They are designed to steal people’s credit card details, or even their entire online identity. Developed using new AI tools, they can be difficult to distinguish from the real thing.

Data from security platform NordVPN reveals that fake Amazon storefronts have surged by more than 200 per cent in recent days, and fraudulent eBay sites have shot up by more than 500 per cent.

Get 64% off Proton VPN

Servers in over 120 countries connect up to 10 devices 30-day money back guarantee

ADVERTISEMENT. If you sign up to this service we will earn commission. This revenue helps to fund journalism across The Independent.

Get 64% off Proton VPN

Servers in over 120 countries connect up to 10 devices 30-day money back guarantee

ADVERTISEMENT. If you sign up to this service we will earn commission. This revenue helps to fund journalism across The Independent.

“Many of these sites are almost indistinguishable from the real thing,” a spokesperson for NordVPN said, adding that “convincing checkout pages are designed solely to harvest personal and payment information.”

According to a recent survey of more than 30,000 people from 185 countries, the majority of people (68 per cent) are unable to identify fake websites.

Malicious links embedded in emails are also on the rise, leading shoppers to these scam stores. Phishing emails targeting Black Friday shoppers are up more than 620 per cent, according to cyber security company Darktrace.

The Annual Fraud Report 2025 from UK Finance revealed that such swindles are increasingly effective, with total fraud losses topping £1.1 billion last year.

Another trick can come from the retailers themselves, who jack up the prices in the weeks leading up to Black Friday in order to offer artificial discounts when the day arrives. One way to check such sales is through price tracker sites like PriceLasso or CamelCamelCamel, which allow you to check the price history of a product to see if it’s actually a good deal.

The advice from security experts and consumer watchdogs is to be especially weary during the Black Friday and Cyber Monday sales: Double-check URLs, be skeptical of emails and texts purporting to be from vendors or delivery services, avoid shopping on public WiFi, and to monitor bank transactions.

With increasingly sophisticated techniques to bypass scam ad and email detection systems, industry figures say that vigilance is the key to staying safe online.

“This isn’t just about detecting malicious links. Instead it’s about rewriting behaviour,” said David Higgins, chief technology officer of software firm CyberArk.

“Each year, phishing attacks continue to be the leading cause of fraud because they exploit human instinct, and no technology can fully compensate for a moment of misplaced trust.

“Cyber security is as much a cultural issue as it is a technical one. Real resilience comes from combining strong identity controls with a culture that encourages people to pause, question and verify before they click.”

The article below is an excerpt from The Independent’s IndyTech newsletter. To sign up, simply enter your email address in the box at the top of the page.

More about

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Most popular

Popular videos

Bulletin

Read next