Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details

1. Pro
2. Security

Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details News By Sead Fadilpašić published 28 November 2025

Take your time, or you could lose your money, experts warn

Comments (0) ()

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

(Image credit: Shutterstock)

• CloudSEK warns of 2,000+ fake Black Friday ecommerce sites stealing money and data
• Scam clusters impersonate Amazon, major brands, using urgency timers and phishing checkout kits
• Campaign could net $24M, showing industrialized, automated holiday fraud at massive scale

This Black Friday, there are thousands of fake online stores designed only to steal your money, and your sensitive data.

This is the warning given out by cybersecurity experts CloudSEK, who are sounding the alarm on two major scam clusters active right now.

One of the best ways to spot a phishing or scam attack is its sense of urgency - scams are usually an offer that’s about to expire, or a threat of an account being suspended if immediate action isn’t taken. But Black Friday is timed as well, helping criminals hide their intentions even better.

You may like

• Watch out - that Amazon page offering amazing Black Friday deals could be a dodgy spoof site, and could leave you seriously out of pocket
• Black Friday shopping scams are on the rise - experts warn many new domains could be dodgy, here's what to look for
• Black Friday shoppers advised to be cautious as fake Amazon, eBay websites soar

Spoofing retailers and major brands

CloudSEK found more than 2,000 fraudulent holiday-themed ecommerce sites, designed to exploit customer trust by impersonating popular retailers. These websites were part of two huge clusters - one comprising roughly 750 sites, and one with more than 1,000 domains.

The first cluster mostly impersonates Amazon and other retailers. The sites look almost identical, with similar templates, fliplock-style urgency timers, fake trust badges, and pop-ups apparently displaying recent purchases.

The second cluster is all under the .shop Top Level Domain, and impersonates major brands rather than retailers. Samsung, Ray-Ban, Xiaomi, Jo Malone, and others, are being mentioned.

“These sites replicate the same Black Friday/Cyber Monday template and fraudulent checkout process for financial fraud, indicating the use of a standardized phishing kit,” the researchers said, adding that the payments are redirected to attacker-controlled shell checkout sites.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

It is unclear how people land on these sites, but CloudSEK speculates it’s most likely through social media ads, SEO poisoning, and direct advertising through instant messaging platforms such as WhatsApp and Telegram. The researchers believe that each site could rake in up to $12,000, meaning that the entire campaign could bring more than $24 million in stolen money.

For Ibrahim Saify, Security Researcher, CloudSEK, this is a demonstration of the “industrialization of holiday scams.”

“The scale of this ecosystem, spanning more than 2,000 coordinated fake domains, shows how rapidly cybercriminals are automating fraud. If left unchecked, these scams could cause significant financial losses for consumers and erode trust in global e-commerce during its busiest season,” Saify stressed.

The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS Black Friday Sead FadilpašićSocial Links Navigation

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Watch out - that Amazon page offering amazing Black Friday deals could be a dodgy spoof site, and could leave you seriously out of pocket    Black Friday shopping scams are on the rise - experts warn many new domains could be dodgy, here's what to look for    Black Friday shoppers advised to be cautious as fake Amazon, eBay websites soar    Too good to be true? Be careful when looking through those Black Friday offers - they might be a scam    Online scams skyrocket before Black Friday – NordVPN warns what shoppers should watch out for    Cybercriminals used more than 100,000 websites ahead of Amazon's October Prime Day to fleece customers looking for a deal - here's what you should know about staying safe    Latest in Security Microsoft Teams guest access could let hackers bypass some critical security protections    Multiple London councils affected by apparent cyberattack    Zendesk users targeted by Scattered Lapsus$ Hunters hackers and fake support sites    Malicious Blender model files deliver StealC infostealing malware    Popular JavaScript library can be hacked to allow attackers into user accounts    Maybe don't trust every Windows Update without checking - hackers hijack images to spread dangerous malware    Latest in News Premier League Black Friday deal: Get 50% Off Walmart+ and watch 2025-26 EPL season on Peacock    NYT Connections hints and answers for Saturday, November 29 (game #902)    NYT Strands hints and answers for Saturday, November 29 (game #636)    Quordle hints and answers for Saturday, November 29 (game #1405)    New Supergirl tease drops a big hint that a trailer for the DC comic book movie could be released very soon    If Nvidia VRAM rumor is true it'd be bad news for some graphics card makers    LATEST ARTICLES

1. 1NYT Strands hints and answers for Saturday, November 29 (game #636)
2. 2NYT Connections hints and answers for Saturday, November 29 (game #902)
3. 3Quordle hints and answers for Saturday, November 29 (game #1405)
4. 47 new movies and TV shows to watch on Netflix, HBO Max, Disney+ and more this weekend (November 28)
5. 5Solid-state battery packs are on the rise – and this early contender has two key benefits over its traditional rivals