Three-Quarters of Black Friday Spam Emails Identified as Scams

Three-Quarters of Black Friday Spam Emails Identified as Scams

Consumers have been warned that 77% of Black Friday-themed spam emails in 2024 have been identified as scams, with the remainder marketing lures, according to new figures from Bitdefender.

This represents a 7% rise in the proportion of spam emails identified as scams compared to Black Friday 2023, and a 21% increase compared to 2022.

Bitdefender said the growing prevalence of Black Friday scams “underscores the greed and daring of cybercriminals, who increasingly leverage fake offers and phishing tactics to exploit consumer shopping behaviors and trends.”

These scams are primarily designed to either gather victims’ personal data, such as login credentials and banking information, or directly steal their money via fake purchases or using banking trojans.

Read now: UK Shoppers Lost £11.5m Last Christmas, NCSC Warns

US Biggest Target for Black Friday Scam Activity

The analysis found that the US received 38% of all Black Friday-themed spam.

Europe accounted for 44% of global spam activity, with Germany and France among the most targeted countries.

Two-thirds of this spam activity originated in the US, while Europe accounts for 23% of spam origin.

Black Friday spam activity began to spike in late October 2024, aligning with the shopping season’s momentum.

Black Friday Scams Getting Creative

Researchers from Bitdefender’s Antispam Lab team said that attackers have become more creative in their Black Friday scams in 2024, tailoring their messages and tactics to different groups of shoppers and different demographics and regions.

These attacks have ranged from phishing emails impersonating trusted brands to sophisticated malware campaigns.

Examples of scams observed so far this year include:

  • Targeting tech enthusiasts in Spain by impersonating Fnac, a France-based retail company that specializes in the sale of entertainment media and consumer electronics. These malicious emails falsely claimed that users’ orders ready for shipment, with a PDF attachment delivering the Grandoreiro Trojan, which is designed to enable unauthorized financial transactions by stealing banking credentials.
  • Targeting fashion lovers by delivering phishing emails advertised Ray-Ban sunglasses for as little as $27.99, redirecting users to phony sites.
  • Targeting grocery and household shoppers through survey scams claiming to offer exclusive rewards from retailers like Tesco and Costco in the UK, which tricked victims into sharing sensitive details under the guise of Black Friday promotions.

“This diversity in spam tactics shows cybercriminals’ adaptability and their effort to appeal to as many demographics as possible. The campaigns varied by product type and were also tailored to specific regions, exploiting cultural and shopping preferences to maximize their reach and impact,” the researchers said.

Tips to Avoid Black Friday Scams

Bitdefender set out several recommendations for online users to ensure they can avoid falling victim to Black Friday scams:

  • Verify sources: Double-check email sender addresses and website URLs for legitimacy
  • Avoid Clicking links: Visit retailer websites directly instead of clicking unsolicited links
  • Use Security Tools to help verify suspicious links and emails
  • Be cautious with surveys: Treat surveys claiming rewards or deals with skepticism unless verified as legitimate

Originally Appeared Here