Beware of Black Friday and Cyber Monday Scams
When Thanksgiving ends, the madness of Black Friday and Cyber Monday hits its peak. Last year, even a global pandemic couldn’t slow the siege, as holiday shoppers dropped a record-breaking $9 billion on Black Friday shopping and Cyber Monday deals [*].
While the new omicron variant poses a threat to in-store shopping this year, online purchasing remains as the leading method of consumer spending.
While that’s great news for online retailers offering endless deals to holiday shoppers, there is a dark underbelly to Black Friday and Cyber Monday — the growth of financial fraud and identity theft during this time of year.
In this guide, we’ll break down six highly common Black Friday and Cyber Monday scams to watch out for. Learn how to recognize the red flags, take preventive action, and react quickly if you’re a victim to fraud.
What Types of Scams Happen on Black Friday and Cyber Monday?
Black Friday scams and Cyber Monday schemes are designed to trick unsuspecting Americans out of their money and/or financial information.
Specifically, fraudsters will target consumers by attempting to steal their credit card numbers (and use them for a carding scam), bank account numbers, phone numbers, social media accounts and email addresses for one common purpose — to commit fraud.
Once a fraudster seizes your personal data, they can steal your money or commit crimes in your name — an illegal practice known as identity theft. Phony websites, fake gift cards, and social engineering attacks like phishing are also very common scams during this time of year.
Offline scams are also on the rise — like the woman tricked into buying a box of potatoes instead of an iPhone [*]. That said, the vast majority of Black Friday and Cyber Monday scams take place online.
So, what are the most common ways consumers get scammed on Black Friday and Cyber Monday? There are many signs of identity theft to beware of, but let’s focus on exposing the top six trending scams that holiday shoppers must beware of this year.
1. Fake Order Scam
Phishing is one of the oldest tricks in the book, but modern day phishing attacks have become more sophisticated. In the fake order scam, con artists will send cryptic text messages or unsolicited emails to notify you of a "problem" with your online order.
But you never ordered anything! They want you to click the link in the phishing email, which leads to a page asking for your banking credentials or other sensitive information, which they can use for bank scams and other frauds.
These emails are structured to appear like they came from a legitimate sender, like Amazon or eBay, but don't fall for it.
2. Fake Delivery Notification Scam
Phishing attacks go a step further in this ploy, as criminals will send fake delivery notifications by text or email. Usually, these notifications are disguised to be from FedEx, UPS, or the U.S. Postal Service.
Just like the fake order phishing scam, you’ll be invited to click a link to accept your delivery, where they’ll steal your personally identifying information.
3. Non-Delivery Scam
If a deal seems too good to be true on Black Friday or Cyber Monday, it usually is. When making online purchases, you should always receive an order confirmation with a tracking number.
But in this scam, you won’t. And surprise, surprise, the package will never arrive. When you attempt to rectify matters, the seller will vanish.
4. Gift Card Scam
In this scam, an online store will ask that you pay using a digital gift card or coupon. As gift card purchases can’t be tracked, it’s impossible to retrieve the money after a thief obtains your gift card details.
According to the Federal Trade Commission [FTC], one in four fraud victims claim they paid with a gift card [*].
Microsoft recently announced it would email virtual gift cards to 50,000 random U.S. customers [*]. Although this is a bona fide offer, consumers should beware as hackers also imitate gift cards for PS5 and Xbox in a sophisticated attempt to steal cryptocurrency [*].
Once unsuspecting consumers click the link, the malware installs on their computer and seeks out their cryptocurrency wallet addresses.
📚 Related: The 10 Worst Walmart Scams & Fraudulent Schemes of 2022 →
5. Fake Charity Scam
In the spirit of Thanksgiving, many people donate to charities during the holiday season. Unfortunately, there are plenty of scammers waiting to take advantage of people’s good hearted intentions.
Charity fraud scams impersonate successful charity organizations, where con artists go to great lengths to deceive their victims. Using fake copycat websites and well orchestrated social media campaigns, these fraudsters deceive people into making donations that never reach a legitimate charity.
Check out the FTC's guidelines on how to research a charity before giving donations. Be especially aware of the many veterans charity scams.
6. Fake Website Scam
Cybercriminals are setting up imitation websites of popular online stores and e-commerce sites. These copycat websites look exactly like the official retailer, and the untrained eyes of an average consumer can easily fall for the trap.
If you've unsuspectingly made an online purchase from a fake retail website, you are a victim of financial fraud — meaning, criminals have likely stolen your credit card information and personal details. Your children may also be at risk of child identity theft if they don't know how to spot these fake websites.
How Can I Avoid Getting Scammed on Black Friday and Cyber Monday?
Black Friday and Cyber Monday present lucrative opportunities for cybercriminals, so you need to remain vigilant while you’re shopping online. Follow these tips to help you detect Black Friday and Cyber Monday scams.
1. Avoid Buying From Unfamiliar Retailers
The growth of independent e-commerce websites means consumers must navigate uncharted waters if they want to buy unique or novelty items from lesser-known brands.
The Better Business Bureau (BBB) advises shoppers to:
“Read product reviews on extremely discounted items. It could be a cheaper model and not what was expected. [*]”
Always take the extra time to read reviews and verify that you’re dealing with a legitimate company. If you're buying from an unfamiliar retailer, take extra precaution and do your research.
📚 Related: The Worst Holidays Scams of The Year (and How To Avoid Them) →
2. Beware of Sketchy Looking Websites
You can usually spot knock-off websites due to their strange design features and functionality flaws like broken links, typos, and slow-loading pages. The company might also lack a physical address or contact details.
Check for SSL encryption to ensure that the website is legitimate. You can spot this as there will be “HTTPS” and a padlock icon at the start of the web address.
3. Don't Use Debit Cards for Online Purchases
The Fair Credit Billing Act (FCBA) aims to protect consumers against damage from unauthorized use of their credit cards. If an item arrives faulty, inaccurately advertised, or fails to turn up, the credit card company is jointly liable with the retailer.
With that said, it makes sense to use your credit card instead of a debit card, as you’ll have a better chance of retrieving any money lost to fraud.
4. Never Click Unfamiliar Links
If you receive an unsolicited text message from a strange phone number, or a suspicious email about an order that you don't remember placing, resist the urge to react emotionally.
Scammers want to disorient you with high pressure tactics so you'll quickly click a link to try and resolve "the problem," meanwhile it’s a trap.
Don't click on links from unfamiliar senders. If you have any doubts about a sketchy text message or email, just delete it. You can always contact customer service directly if you have concerns about fraud.
5. Use a Secure Password Manager
Most people are reusing the same easily guessable password for the majority of their online apps and services. Today, the average person has roughly 100 online accounts [*].
Without a secure password manager, your online accounts are susceptible to getting hacked. If a hacker gets a hold of one password, chances are they can crack every single account you have, including your emails, social media, and online banking.
If you can remember your password, that means a hacker can figure it out. Aura's password manager will keep your data secure across all your devices (available for both iOS and Android).
6. Install Antivirus Software and Use a VPN
Now that so many people are working remotely, many of us are working off of public Wi-Fi networks, which brings inherent security risks. To help protect against the emerging cyber threat of ransomware, phishing, and malware, you should install reliable antivirus software and VPN.
Cybersecurity expert Raj Samani explains:
"By using an unsecured Wi-Fi connection, you may be creating an easy gateway for hackers to access your personal data. Use a VPN, which is extremely important for establishing a secure connection to work files and sensitive data stored in the cloud. [*]”
7. Beware of New Scams
If you ever have doubts about a website, company, or some form of communication you’ve received from an online retailer, you can search Google to see if there is information about a related scam.
Try searching the following:
- Company name + scam (e.g. “G’s Records Inc. scam”)
- Product + scam (e.g. “Headphones scam”)
- Method + scam (e.g. “Email gift card scam”)
Check out the top results, which could include a recent blog post or some customer reviews that may verify that a scam exists. If you think a scammer might be targeting you, doing research will offer peace of mind to know if the communication is legitimate.
Were You Scammed on Black Friday or Cyber Monday?
If you’ve been scammed on Black Friday or Cyber Monday, take the following steps.
- End all communication immediately: While it may be tempting to fight with the scammer, it's best to resist. By continuing the conversation, you risk leaking more sensitive information. Just cut it off, and don’t let them recognize that you’ve decoded their scheme.
- Cancel any pending payments: The moment you realize it’s a scam, cancel all payments or direct debits. Place a “stop payment” immediately if possible.
- Freeze your credit. A credit freeze (or credit lock) stops fraudsters from opening new accounts or taking out loans in your name. Contact each of the major credit bureaus to request a credit freeze. Or, use Aura’s one-click credit lock to instantly lock and unlock your Experian credit file.
- Contact your bank or lender: Make sure that all recurring payments are canceled and inquire about a chargeback. It might not be possible, but if you used a credit card for the transaction, the bank or credit card company might be able to refund the money. While you’re at it, cancel any cards that may have been compromised.
- Submit an official complaint with the retailer: Most department stores or online marketplaces like Walmart, Amazon or eBay are reputable businesses with proactive customer support teams. It’s always worth filing a complaint as the company can investigate and try to remediate the issue.
- Report any third-party accomplices: If a social media ad is part of the scam, you can report the ad to the relevant platform. Often, the scammers will delete their fake social media accounts after they succeed, but you can still report the issue to help the platform protect other users.
- Regularly check your credit report and bank statements. Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize.
- File a police report: Notify your local police department of the scam, providing all the details to help them build their case. Chances are, you’re not the only victim, so more evidence will aid police in their pursuit of the criminals. Also, your bank or credit card company may request a copy of a police report, so don’t hesitate to take this step.
- Consider a digital security solution: Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. Try Aura’s 14-day free trial for immediate protection while you’re most vulnerable.
💡 Related: What Is the Target Gift Card Scam? (How To Avoid It) →
The Bottom Line: Stay Safe From Black Friday Scammers
Most consumers never expect any problems while carrying out a routine holiday shopping spree, but unfortunately, identity theft and financial fraud always happens when you least expect it.
Always stick to trusted retailers. If you want to buy something from a new Shopify store or Etsy merchant, do your research by reading customer reviews. Also, check out what other customers are saying about the merchant on social media, and stay safe by using your credit card (not debit card) for all online purchases.
Keep in mind that even the most secure websites can get hacked, allowing cybercriminals to steal your credit card information and PII. Taking extra precautions with antivirus software, a VPN, and password manager will give you peace of mind as you shop online.
