Gaetano DiNardi is a growth advisor to software companies like Docebo, Cognism, and Workvivo. As the former head of organic growth at Aura, Gaetano helped launch the company's SEO program. He has also written for publications like HBR, Fast Company, and Nasdaq.
Jory MacKay is a writer and award-winning editor with over a decade of experience for online and print publications. He has a bachelor's degree in journalism from the University of Victoria and a passion for helping people identify and avoid fraud.
Beware Of These Black Friday and Cyber Monday Scams
Online shopping scams have become some of the biggest threats to Americans — especially during the busy Black Friday and Cyber Monday shopping season. Every year, scammers trick hundreds of thousands of victims into wasting money on fraudulent and counterfeit goods or sharing payment information with fake online stores.
Shoppers spent over $20 billion during Black Friday and Cyber Monday last year alone — making it a prime target for scammers.
While Black Friday is a great opportunity to take advantage of the special deals retailers put out at the start of the shopping season, it’s also rife with frauds and scams you need to avoid.
In this guide, we’ll explain the most common types of online scams to watch out for this holiday shopping season as well what you can do to stay safe, protect your money, and get the best deals — without getting scammed.
The 9 Latest Black Friday and Cyber Monday Scams You Need To Avoid
There are numerous ways for scammers to target you during the holiday shopping season — from suspicious links in Black Friday scam phishing emails to fake online stores or coupons.
But ultimately, scammers are all after the same things: your money, personal information they can use to steal your identity, or financial information such as your credit card numbers or bank account details.
🛡 Get award-winning protection against scams and fraud — for free. Aura’s all-in-one solution combines #1-rated identity theft and fraud protection with advanced digital security tools to protect you from hackers and scammers. Try Aura for free today.
1. Fake or spoofed online stores
Cybercriminals create fake online stores or spoof popular e-commerce and retailer sites to trick you into sending them money or entering your financial information and personal details.
At best, you could end up paying for a counterfeit product. At worst, scammers will use your stolen information to steal your identity and commit financial fraud.
How to spot and avoid a fake online store:
Check the URL. Scammers use spoofed domains to make their fake websites look more legitimate. For example, you could be on “Walmrat.com” instead of the official “Walmart.com”, or “deals-at-bestbuy.info” instead of “bestbuy.com.”
Look for strange copy, design, and details. If you’re on a smaller retailer’s site or an unknown store, look for signs that it’s a fake. For example, low-quality images that could’ve been stolen from other sites or brand names or descriptions that don’t make sense or aren’t in proper English.
Don’t enter payment information on unsecured websites. Secure sites use what’s called SSL (secure sockets layer) encryption. This means that any information you enter — name, shipping address, credit card number — will be masked and can’t be intercepted by hackers. To ensure you’re on a secure site, look for HTTPS (not HTTP) and a padlock symbol near the URL in the address bar.
2. Social media ads for “too-good-to-be-true” deals
By some accounts, 40% of all online shopping scams come from Facebook and Instagram ads [*]. Scammers create flashy ads with discounted prices to entice shoppers — but if you click, you’ll be taken to a spam website selling knockoffs or a fake store that steals your personal information.
In another version of this scam, fraudsters pose as disgruntled employees from luxury stores and post secret “discount codes” — but when you try to use them, you’re taken to a fake store with massive shipping fees.
The bottom line: Don’t blindly trust social media ads. If you see a deal you’re interested in, navigate to the store or retailer directly (not via the ad) to see if it exists.
3. Fake order confirmation emails
Fraudsters know that people are busy shopping during the holiday season and are likely dealing with a ton of messages about order confirmations. In this scam, fraudsters send fake phishing emails and texts disguised as these messages, but claiming there’s an issue with your order. If you click on the included link, you’ll be taken to a fake website that can steal your passwords, payment information, and more.
How to spot and avoid fake order confirmation emails:
Check the sender’s “from” name. Before you click or respond, click on the sender’s “from” name to reveal their email. Make sure that it’s coming from the company’s official domain (such as @Amazon.com)
Log in to your account directly to check on the order status. If there’s an issue with your order, it will show up in your online account. Don’t click on the link in the email or text. Instead, log in directly.
Block fake websites with Safe Browsing tools. Almost all phishing email and text scams will try to get you to visit a fake website. Aura’s Safe Browsing tools can block these scam and malicious sites before they can do you harm.
⚠️ If you made an online purchase from a fake retail website, you need to act fast! Stop scammers from using your identity to take out loans or empty your bank account by freezing your credit, monitoring your identity, and updating your passwords. Need help? Try Aura for free today.
4. Fraudulent delivery notification messages
In this phishing scam, fraudsters target you with a different type of message — a fake delivery notification from FedEx, UPS, or the U.S. Postal Service (USPS). These scams are most common over text message and include a link to a site to “fix” the shipping issue, either by entering your personal information or paying a missed “fee” or taxes.
The bottom line:Always check on deliveries directly with the shipper. Don’t click on links in unsolicited text messages or emails. Instead, find your original email and use the included tracking number on the shipper’s official website.
5. Fake charity and fundraiser scams
In the spirit of Thanksgiving, many people donate to charities during the holiday season. Unfortunately, there are plenty of scammers waiting to take advantage of people’s good hearted intentions.
Charity fraud scams impersonate successful charity organizations, where con artists go to great lengths to deceive their victims. Using fake copycat websites and well orchestrated social media campaigns, these fraudsters deceive people into making donations that never reach a legitimate charity.
How to spot and avoid a fake charity:
Look up their credentials on a charity watchdog site. You can make sure you’re donating to a legitimate organization by researching them on sites like CharityNavigator.org, CharityWatch.org, or the Better Business Bureau’s Wise Giving Alliance.
Make sure you know who’s running a fundraiser. If you want to donate to anonline fundraiser or GoFundMe, check who’s actually running the fundraiser to see if they’re someone you trust.
Scammers love gift cards because they’re easy to purchase and almost impossible to trace or refund once sent. In these scams, fraudsters set up fake stores and request payment via popular gift cards, such as Amazon, Apple, Microsoft, or Visa prepaid cards.
According to the Federal Trade Commission (FTC) [*]:
Americans have lost over $160 million to gift card scams since the start of 2023.
The bottom line: Gift cards are for gifts — not making purchases or paying for services on third-party websites. If someone asks you to buy gift cards and send them the numbers, PINs, or photos of the cards, it’s a scam.
7. Bogus coupon and voucher websites
Even though Black Friday and Cyber Monday automatically include some of the best deals of the shopping season, scammers know people always want a better deal. In these scams, they create fake websites that claim to house special discount codes, coupons, or vouchers for popular retailers.
At best, these sites are loaded full of ads (and no real coupons). At worst, your device could get infected with malware from a malicious ad.
Pro tip: Companies almost never publicly share valid discount codes over 15 or 20%. Always ensure you check discount codes on the retailer’s official site during the checkout process.
When making online purchases, you should always receive an order confirmation with a tracking number. In these scams, fraudsters either send bogus tracking numbers or none at all. In essence, you’ve paid for nothing.
While it can be hard to spot a non-delivery scam before you become a victim, you can still do your due diligence by checking for warning signs of a fake store and also reading the retailer’s shipping and returns policy.
9. Sellers asking for non-traditional payment options
Online retailers will almost always accept traditional payment methods, such as credit cards or trustworthy payment apps like PayPal. If a store or seller will only accept a non-traditional payment method, they may be trying to scam you as these methods are harder to trace or refund.
Be extra cautious if a store or seller asks you to pay with:
Wire transfers: These are nearly instantaneous and impossible to refund once sent.
Cryptocurrencies: Hackers love cryptocurrencies as they allow for anonymous transactions that can’t be refunded or traced.
Payment apps like Zelle, Venmo, and Cash App: While some payment apps offer payment protection if you mark the payment as for a business, scammers will try to get you to mark it as personal — so it can’t be refunded.
Gift cards: Unless you’re using a gift card on the retailer’s official website (i.e., using an Apple gift card to buy an iPhone from the official Apple Store), this is a clear red flag of a scam.
🥇 Don’t settle for second-best fraud and scam protection. Aura’s all-in-one solution has been rated #1 by Money.com, Forbes, TechRadar, and more. Try Aura for free today and protect yourself from online scams.
How To Avoid Getting Scammed on Black Friday and Cyber Monday
Black Friday and Cyber Monday present lucrative opportunities for cybercriminals, so you need to remain vigilant while you’re shopping online.
Follow these tips to help you detect and avoid Black Friday and Cyber Monday scams:
Avoid unfamiliar retailers
The growth of independent e-commerce websites means consumers must navigate uncharted waters if they want to buy unique or novelty items from lesser-known brands.
The Better Business Bureau(BBB) advises shoppers to:
“Read product reviews on extremely discounted items. It could be a cheaper model and not what was expected. [*]”
Always take the extra time to read reviews and verify that you’re dealing with a legitimate company. If you're buying from an unfamiliar retailer, take extra precaution and do your research.
You can usually spot knock-off websites due to their strange design features and functionality flaws like broken links, typos, and slow-loading pages. The company might also lack a physical address or contact details.
Check for SSL encryptionto ensure that the website is legitimate. You can spot this as there will be “HTTPS” and a padlock icon at the start of the web address.
Don't use debit cards for online purchases
TheFair Credit Billing Act (FCBA)aims to protect consumers against damage from unauthorized use of their credit cards. If an item arrives faulty, inaccurately advertised, or fails to turn up, the credit card company is jointly liable with the retailer.
With that said, it makes sense to use your credit card instead of a debit card, as you’ll have a better chance of retrieving any money lost to fraud.
Pro tip: Don’t save your credit card information on online stores. This way, your payment details won’t be leaked if the store gets hit with a data breach.
Never click unfamiliar links
If you receive an unsolicited text message from a strange phone number, or a suspicious email about an order that you don't remember placing, resist the urge to react emotionally.
Scammers want to disorient you with high pressure tactics so you'll quickly click a link to try and resolve "the problem," meanwhile it’s a trap.
Don't click on links from unfamiliar senders. If you have any doubts about a sketchy text message or email, just delete it. You can always contact customer service directly if you have concerns about fraud.
Use strong passwords and a password manager
If hackers can break in to your online accounts they can steal your personal information, financial details, and more. Make sure you’re always using strong and unique passwords across all of your accounts — especially for online stores where you’re storing your credit card numbers and shipping details.
For added security, always enable two-factor authentication (2FA) whenever possible and store your credentials in a secure password manager.
Install antivirus software and use a VPN
Hackers use the holiday shopping season as an easy way to infect devices with ransomware, malware, and other cyber threats. Not only that, but shopping while on public Wi-Fi networks can also open you up to a whole host of security risks.
To secure your data and devices, Aura provides a full suite of cybersecurity tools, including antivirus software and a virtual private network (VPN) to hide your browsing history from hackers. Learn more about how Aura protects you from online threats.
Beware of new scams
If you ever have doubts about a website, company, or some form of communication you’ve received from an online retailer, you can search Google to see if there is information about a related scam.
Try searching the following:
Company name + scam (e.g. “G’s Records Inc. scam”)
Product + scam (e.g. “Headphones scam”)
Method + scam (e.g. “Email gift card scam”)
Check out the top results, which could include a recent blog post or customer reviews that may verify that a scam exists. If you think a scammer might be targeting you, doing research will offer peace of mind to know if the communication is legitimate.
💪 Don’t get stuck dealing with scams and fraud alone. Every Aura members gets 24/7 access to our team of White Glove Fraud Resolution specialists as well as up to $1 million in identity theft insurance. Try Aura for free today.
Did You Get Scammed Shopping Online? Do This
If you’ve been scammed on Black Friday or Cyber Monday, take the following steps:
End all communication immediately. While it may be tempting to fight with the scammer, it's best to resist. By continuing the conversation, you risk leaking more sensitive information. Just cut it off, and don’t let them recognize that you’ve decoded their scheme.
Cancel any pending payments. The moment you realize it’s a scam, contact your bank or the payment processor to try and pause the payments and recover your money.
Freeze your credit. A credit freeze (or credit lock) stops fraudsters from opening new accounts or taking out loans in your name. Contact each of the major credit bureaus to request a credit freeze. Or, use Aura’s one-click credit lock to instantly lock and unlock your Experian credit file.
Contact your bank or lender. Make sure that all recurring payments are canceled and inquire about a chargeback. It might not be possible, but if you used a credit card for the transaction, the bank or credit card company might be able to refund the money. While you’re at it, cancel any cards that may have been compromised.
Submit an official complaint with the retailer. Most department stores or online marketplaces like Walmart, Amazon or eBay are reputable businesses with proactive customer support teams. It’s always worth filing a complaint as the company can investigate and try to remediate the issue.
Report any third-party accomplices. If a social media ad is part of the scam, you can report the ad to the relevant platform. Often, the scammers will delete their fake social media accounts after they succeed, but you can still report the issue to help the platform protect other users.
Regularly check your credit report and bank statements. Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize.
File a police report. Notify your local police department of the scam, providing all the details to help them build their case. Chances are, you’re not the only victim, so more evidence will aid police in their pursuit of the criminals. Also, your bank or credit card company may request a copy of a police report, so don’t hesitate to take this step.
Consider a digital security solution. Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. Try Aura’s 14-day free trialfor immediate protection while you’re most vulnerable.
The Bottom Line: Stay Safe From Black Friday Scammers
Most consumers never expect any problems while carrying out a routine holiday shopping spree, but unfortunately, identity theft and financial fraud always happens when you least expect it.
Always stick to trusted retailers. If you want to buy something from a new Shopify store or Etsy merchant, do your research by reading customer reviews. Also, check out what other customers are saying about the merchant on social media, and stay safe by using your credit card (not debit card) for all online purchases.
Keep in mind that even the most secure websites can get hacked, allowing cybercriminals to steal your credit card information and PII. Taking extra precautions with antivirus software, a VPN, and password manager will give you peace of mind as you shop online.