How To Avoid Black Friday and Cyber Monday Scams This Year

What Are the Biggest Black Friday Scams To Watch Out For?

Knowing that so many people start their holiday shopping on Black Friday and Cyber Monday, scammers ramp up their schemes with fake online stores, bogus ads, and AI-powered phishing campaigns. 

According to the Federal Trade Commission (FTC), Americans lost $124.4 million to online shopping scams during the holiday season last year alone.

While there are plenty of good deals to be found online from legitimate retailers, it’s not always easy to know if you’re getting a deal or being duped by a fraudster.

Staying safe when doing your Black Friday shopping requires learning how to spot common scams, avoiding risky situations, and using the right tools and payment systems.

The 11 Latest Black Friday and Cyber Monday Scams To Avoid

1. AI-powered online shopping scams
2. Fake online stores
3. Account verification phishing emails
4. Fraudulent order confirmation messages
5. Delivery notification scams
6. Fake Black Friday sale ads on social media
7. Fake or deceptive Black Friday deals
8. Gift card scams
9. Bogus giveaways
10. Counterfeit products
11. Non-traditional payment options

Shoppers spent a record $10.8 billion during Black Friday and Cyber Monday in 2024 — creating a lucrative opportunity for scammers. Here are the most common and dangerous online shopping scams to watch out for this holiday season — and how to avoid them.

Did you fall for a Black Friday or online shopping scam? Follow these steps to limit the damage, lock down your online accounts, and try to recover your money.

1. AI-powered online shopping scams

The biggest online shopping scam trend in recent years has been the use of artificial intelligence (AI) by fraudsters. AI tools like ChatGPT enable scammers not only to create more fake sites in less time — but also to make them more believable.

Microsoft Security warned that scammers are using generative AI to create product descriptions, images, reviews, and sometimes even influencer videos to make shoppers believe they’re doing business on legitimate websites.

Scammers also set up spoofed websites and then influence AI chatbots to send shoppers to these phony sites. One study found that AI chatbots directed users to the wrong branded websites up to 34% of the time.

The bottom line: AI-powered scams are more prevalent and believable. When shopping online in 2025, be extra vigilant in looking for signs of a scam — such as misspellings in the URL, too-good-to-be-true deals, requests for sensitive information, and non-traditional payment methods, such as cryptocurrencies, payment apps like Venmo and Cash App, or gift cards.

2. Fake online stores

Even without AI tools, scammers can create fake online stores or spoof popular e-commerce and retailer sites in order to trick you into sending them money or entering your financial data and other personally identifiable information (PII).

At best, you could end up paying for a counterfeit product. At worst, scammers use your stolen information to steal your identity and commit financial fraud.  

Warning signs of a fake online store include:

• Spoofed domain names. Check the URL of any site asking for payment or personal information. Scammers regularly try to “spoof” legitimate website domains by using common (and easy to overlook) misspellings or by including branded terms in the URL (for example, “Walmrat.com” instead of the official “Walmart.com” or “deals-at-bestbuy.info” instead of “bestbuy.com”).
• Poor design, copy, and user experience (UX). While AI has allowed scammers to create more believable websites, there are still telltale warning signs indicating that you’re visiting a fake shopping website. Look for poor-quality images and language that doesn’t make sense. If you think a site is using AI-generated images, you can check the authenticity by using tools like Sightengine.
• Missing contact information. Online stores should include contact details (including an address and phone number) that are consistent across the site and external sources, such as in social media and Better Business Bureau (BBB) profiles.‍
• Not using HTTPS. Any online retailer that handles sensitive information — such as passwords or payment information — should use an HTTPS connection to ensure that the data can’t be intercepted. Check the URL to make sure you see HTTPS — not HTTP.

3. Account verification phishing emails

Scammers know that you’re likely receiving an influx of emails from stores and services promoting  Black Friday sales. 

One common scam entails impersonating well-known brands and sending phishing emails that claim there’s problems with your account. The goal is to get you to click on a link that takes you to a fake sign-in page where the criminals can steal your passwords or pressure you to enter your payment information. 

For example, you might receive an email claiming to be from Amazon or Netflix, stating that your account will be cancelled if you don’t update your payment information. But if you click on the phishing link and enter your information, it goes straight to the scammers.

Before you click on a link, look for these warning signs of a phishing email:

• Generic email domains (Gmail, Yahoo, etc.). Companies won’t send official messages from a free or generic email provider like Gmail. Instead, communications should come from their official domains (for example, “@Apple.com”).
• Spoofed email addresses. Phishing emails often come from email addresses that look legitimate, until you dig deeper. Similar to fake websites, look for spoofed domains in email addresses (for example, “accounts@returns.best-buy-deals.com”).
• Urgency and threats. These messages try to get you to act quickly and without thinking. If the message causes anxiety or stress, it could be a scam.
• Suspicious links. Hover over links on desktop — or press and hold (long click) on mobile — to see where they’re sending you. If the link doesn’t lead to the company’s official website, it’s a scam.

4. Fraudulent order confirmation messages

Scammers try to steal your payment information by sending fake order confirmation emails and text messages. For example, you may receive a text message claiming that someone made a purchase for a new MacBook on your Amazon account or via your online bank. The message will ask you to confirm that this was you, and if not, to call a number.

Once on the phone or on a website they control, scammers will pressure you to provide passwords and payment information that they can then use. If in doubt, don’t respond. Instead, contact the company directly.

Note: The bank (or other online services that you use) may send legitimate order confirmation text messages. These likely come from official “short codes” that you can verify on the bank’s website. For example, Wells Fargo uses 93557, 93733, 93729, 93767, 20342, 22981, or 93000.

5. Delivery notification scams

Fraudsters also impersonate delivery services, such as FedEx, UPS, and the U.S. Postal Service (USPS), and send notifications that there are problems with your delivery.

These messages typically include some form of “urgent information” to try and get you to act quickly — such as claiming you’ve missed a delivery, must pay to release a package, or need to update your shipping information.

Scammers may even use your real name, address, and other personal information that has been leaked in data breaches to make these messages seem more legitimate.

Don’t click on links in text messages. Instead, look for the shipping confirmation in your email account, or sign in to your account with the store or shipping company to see if the issue is real.

6. Fake Black Friday sale ads on social media

According to the FTC, 71% of scams originate on social media. Scammers create flashy ads promoting discounted prices to entice shoppers — but if you click, you’ll be taken to a spam website selling knockoffs or a fake store that steals your personal information.

In another version of this scam, fraudsters pose as disgruntled employees from luxury stores and post secret “discount codes” — but when you try to use them, you’re taken to fake stores that impose massive shipping fees.

The bottom line: Don’t blindly trust social media ads. If you see a deal you’re interested in, navigate to the store or retailer directly (not via the ad) to see if the deal really exists.

7. Fake or deceptive Black Friday deals

Some of the biggest “scams” each Black Friday and Cyber Monday are the deals themselves.

Retailers often inflate prices in the weeks or months leading up to the holidays to make it appear as if they’re offering larger discounts.

A consumer study from Which? found that 92% of Black Friday deals “were the same price or cheaper at other times of the year.”

Companies also advertise significantly discounted “doorbuster” deals in limited quantities to get people into their stores (or onto their websites) where they can pressure shoppers into buying something else.

Google’s Shopping Insights (and other similar services) can track the changes in prices of products over time, so you can see if you’re actually getting a good deal.

8. Gift card scams

Scammers love gift cards because they’re easy to purchase and almost impossible to trace or refund once sent.

During Black Friday and Cyber Monday, fraudsters may set up fake stores and request payment via popular gift cards, such as Amazon, Apple, Microsoft, or Visa prepaid cards. You could also receive phishing emails, texts, or calls demanding payment via gift cards.

The bottom line: If someone asks you to pay with a gift card, it’s a scam. Don’t send gift cards or supply someone with gift card numbers and PINs unless it’s a gift to that person.

9. Bogus giveaways

With American households feeling economic pressure, and consumer sentiment hitting a nearly 10-year low, many people are looking for giveaways to help soften the blow. Scammers take advantage of this by advertising sweepstakes, freebies, and giveaways across social media platforms and fake websites.

The catch? You need to supply sensitive personal information to “enter the giveaway” or pay money to “release your prize.”

Many scammers also use AI tools to create deepfake videos that purport to show celebrities offering giveaways or endorsing products and investments. In one scam, cybercriminals created a deepfake video of Taylor Swift endorsing a fake Le Creuset cookware giveaway.

10. Counterfeit products and fake coupons

Some fake online stores claim to sell legitimate products at large discounts, but then ship cheap knock-offs instead. This is often the case for luxury goods, such as high-end clothing and jewelry.

The Better Business Bureau (BBB) advises shoppers to “read product reviews for extremely discounted items. It could be a cheaper model and not what is expected.”

Scammers may also create fake websites that claim to house special discount codes, coupons, or vouchers for popular retailers. At best, these sites are loaded with ads (and no real coupons). At worst, your device could become infected with malware from a malicious ad.

Pro tip: Companies almost never publicly share valid discount codes over 15 or 20%. Always ensure that you check discount codes on the retailer’s official site during the checkout process.

11. Non-traditional payment options

Legitimate online retailers should always accept traditional payment methods, such as credit cards or trustworthy payment apps like PayPal. If a store or seller only accepts a non-traditional payment method, they may be trying to scam you, as these methods are harder to trace and refund.

Be extra cautious if a store or seller asks you to pay with:

• Wire transfers. These are nearly instantaneous — and impossible to refund once sent.
• Cryptocurrencies. Hackers love cryptocurrencies like Bitcoin, Ethereum, and alt coins, as they allow for anonymous transactions that can’t be refunded or traced.
• Payment apps like Zelle, Venmo, and Cash App. While some payment apps offer payment protection if you mark the payment as for a business, scammers try to get you to mark it as personal — so it can’t be refunded.‍
• Gift cards. Unless you’re using a gift card on the retailer’s official website (i.e., using an Apple gift card to buy an iPhone from the official Apple Store), this is a clear red flag of a scam.

How To Avoid Getting Scammed on Black Friday

Black Friday and Cyber Monday may offer some of the best deals for online shoppers, but they also present lucrative opportunities for cybercriminals.

Follow these tips to help detect and avoid the most common Black Friday scams of 2025:

• Stick to well-known retailers. If you can’t find what you’re looking for in an online store that you trust, take time to inspect the site and check reviews to ensure you’re dealing with a legitimate company.
• Double-check website URLs. To make sure that you’re not on a spoofed version of an online store, scrutinize the URL and look for HTTPS (rather than HTTP).
• Use your credit card. Your credit card includes many more safety precautions than your debit card or other payment methods. Pro tip: Don’t save your credit card information when shopping in online stores. This way, your payment details won’t be leaked if the store gets hit with a data breach.
• Never click on unfamiliar links. If you get an email or text message that includes a link, don’t click on it. Navigate directly to the official website to see if the message is genuine.
• Track prices, and check return policies. Use price-tracking tools to make sure you’re getting a true deal. Also, make sure you understand your rights to return the product if there are issues.
• Secure your online accounts. Strong passwords offer the minimum when it comes to protecting your accounts. Enable two-factor authentication (2FA) for online banking, social media, email, and any accounts for which you’ve saved personal data (especially your payment information).
• Keep your device safe from malware. Some links and fake websites try to infect your device with malware and other viruses. Keeping your device’s operating system up to date can help reduce vulnerabilities. But for added protection, consider installing antivirus software.
• Monitor your accounts. Keep an eye on your credit report and bank statements for signs that someone has made charges or opened accounts that you didn’t approve. Aura provides the fastest fraud alerts in the industry when compared to other credit monitoring services³.

Lastly, if in doubt, a quick online search can often tell you if other people have come across the same (or a similar) scam. Try searching for the company name, product, or method + scam (e.g., “G’s Record Store + scam,” “Headphones scam,” or “email gift card scam”).

Scan the top results for posts or news stories that confirm you’re dealing with a scam.

Did You Get Scammed While Shopping Online? Do This!

If you’ve been scammed during the holiday shopping season, it’s important to act quickly to limit the damage, secure your accounts, and try to recover any lost funds.

Here’s what to do as soon as you realize you’ve been scammed:

• End all communication immediately. While it may be tempting to fight with the scammer, it's best to resist. By continuing the conversation, you risk exposing more sensitive information. ‍
• Cancel any pending payments. The moment you realize it’s a scam, contact your bank or the payment processor to try and pause the payments and recover your money.
• Freeze your credit. A credit freeze (or credit lock) stops fraudsters from opening new accounts or taking out loans in your name. Contact each of the major credit bureaus to request a credit freeze. You can also use Aura’s one-click credit lock to instantly lock and unlock your Experian credit file. ‍
• Contact your bank or lender. Make sure that all recurring payments are canceled, and inquire about a chargeback. It might not be possible; but if you used a credit card for the transaction, the bank or credit card company might be able to refund the money.
• ‍Submit an official complaint with the retailer. Most department stores or online marketplaces such as Walmart, Amazon and eBay are reputable businesses with proactive customer support teams. It’s always worth filing a complaint, as the company can investigate and try to remediate the issue.‍
• Report any third-party accomplices. If a social media ad is part of the scam, you can report the ad to the relevant platform. Often, scammers delete their fake social media accounts after they succeed, but you can still report the issue to help the platform protect other users.‍
• File a police report. Notify your local police department of the scam, and provide all the details to help them build their case. Chances are that you’re not the only victim, so more evidence will aid police in their pursuit of the criminals. Also, your bank or credit card company may request a copy of a police report, so don’t hesitate to take this step. ‍
• Consider a digital security solution. Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. Try Aura’s 14-day free trial for immediate protection while you’re most vulnerable.

Most consumers never expect to encounter problems when carrying out routine holiday shopping; but unfortunately, identity theft and financial fraud always happen when you least expect it.

Always stick to trusted retailers. If you want to buy something from a new Shopify store or Etsy merchant, do your research by reading customer reviews. Also, check out what other customers are saying about the merchant on social media, and stay safe by using your credit card (not debit card) for all online purchases.

Keep in mind that even the most secure websites can get hacked, allowing cybercriminals to steal your credit card information and PII. Taking extra precautions by using antivirus software, a virtual private network (VPN), and a password manager will give you peace of mind as you shop online.