2022 Black Friday and Cyber Monday Scams

2022 Black Friday Cyber Monday Scams Jacqueline Jayne KnowBe4In years gone by, Black Friday was a 24-hour rush to the shops (you remember those places with actual people and merchandise that you could touch) where there was a set time for you to grab a bargain. People arrived at the shops the night before waiting in line for the doors to open. Then, in 2005 the clever people at the National Retail Federation decided that an online frenzy of shopping was needed the Monday after Thanksgiving. We know this Monday as Cyber Monday. In 2008, Cyber Monday hit the big time as Thanksgiving fell five days later than in 2007 so the people were hungry for the online deals. The anticipation of the online deals created a frenzy and launched Cyber Monday into the stratosphere. Over time, Black Friday became Black November as retailers cashed in on the sales and consumers obliged.

Enter COVID-19

2020 was a very different vibe as more people than ever were at home unable to get to the shops and Black Friday moved to an online event and as consumers, we had more time to prepare, plan, research and ‘buy all the things’ online taking advantage of both sales.

Cybercriminals were grateful for the shift to everything being online as they too were able to prepare, plan, research and ‘scam all the people’.  As we spent more money online they scammed more money online. The exact amount stolen from consumers by cybercriminals (scammers) is unknown, however, based on reported data it is in the billions.

What’s In Store For Us This Year?

Today, in 2022 as we fast approach these two shopping events, it’s a very different landscape. Black Friday is no longer the event it once was, and Cyber Monday has lost its shine in many ways. Retailers have their cards on the table for us all to see and the headlines of ‘The Best Deals for Black Friday and Cyber Monday 2022’ are coming fast and so are the scams.


Top Holiday Scams to Look Out For in 2022

Be on the lookout for all incoming communications such as text messages, voice messages and emails as it is here you will find most scams. Here are examples of the top scams to watch out for this holiday season:

  • Smishing (fake SMS) or Phishing (fake emails)
  • Delivery Scams: We were unable to deliver your parcel.  Click here to confirm delivery details <<nasty link here>>
    We attempted to deliver your parcel and you weren’t home.  Click here to organise another delivery time <<nasty link here>>
  • Fake Order Confirmation: There is an issue with your order from Amazon.  Click here to fix the issue and avoid delays <<nasty link here>>
    Your order for <<insert product>> for $250 has been cancelled.  Click here to confirm your refund <<nasty link here>>
  • Fake Charity Donation Requests Communications may appear pretending to be from known charities asking for donations. 
  • Gift Card Scams If you are asked to pay for a purchase online using a gift card, this is more than likely a scam. 

Tips to Avoid Holiday Scams

  1. Do your research on what you want to buy
  2. Only buy on official websites – ignore anything that comes to you via email, SMS or a pop-up ad.
  3. There will be an increase of emails, notifications, pop up ads with amazing deals all asking you to CLICK on something or OPEN something to access the deal. Unfortunately, many of these will be fake and scams so pay close attention and don’t click!
  4. Use a third-party payment service such as PayPal, Apple Pay or Google Pay which gives you an extra layer of protection. You can also get yourself a gift credit card or a separate credit card that is only used for online transactions.
  5. Don’t use free public wi-fi as it is not secure. If you must, get a VPN (virtual private network) that enables you privacy and protection while you are online.
  6. Be aware of parcel delivery scams especially via email and SMS. Always go to the official website to track parcels.
  7. Make sure you are not reusing your passwords and login details. Using the same email address is fine – however, don’t ever reuse your passwords. If there are too many to remember, you can write them down or ideally, get yourself a password manager tool that can manage all your passwords for you.

What about Retailers?

Should a retailer become the victim of a successful cyberattack, the results can be catastrophic. Loss of reputation, financial impact, brand damage, loss of trust and even having to close the doors. This is serious business for the cybercriminals and protecting your systems, customers and even vendors must be a priority.

  1. Patch your software and check that your networks are protected from vulnerabilities.
  2. Take your employees through security awareness training to avoid falling for scams and social engineering attacks in both their personal and professional lives.
  3. Make sure all your employees know what to expect in relation to paying invoices or transferring money. If they don’t understand what a Business Email Compromise (BEC) is, the chance of them falling for one is very high.
  4. Educate your customers on what to look out for to avoid being scammed. Have a page on your website dedicated to communicating with customers on any scams that have been reported.
  5. Use social media to keep customers up to date with scams and can also be used as a platform to educate on staying safe online.
  6. Educate customers who come into your physical stores on staying safe online and shopping safely.

There is a lot to take in. Just remember that it really is the same message every year. Awareness of the problem is the first step in avoiding falling for these scams and you have started that journey. Stay safe online until next time.

Get Your Free 2023 Holiday Security Awareness Resource Kit

It's the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel and time constraints can make it easier to catch users off their guard with relevant schemes. This makes one of the busiest times of year one of the most important times for your employees to stay vigilant against cybersecurity threats.

 That's why we put together this resource kit to help ensure no chunks of cyber-coal end up in your employees’ stockings this season! Use these resources to help your users make smarter security decisions every day.

Holiday-Resource-Kit-2023Here's what you'll get:

  • New! Holiday Cybersecurity World Passport interactive game
  • Two free holiday training modules, available in multiple languages
  • Resources to share with your users, including an educational video, plus security documents and digital signage to reinforce the free modules included in the kit
  • Newsletters about holiday shopping and travel safety for your users
  • Access to resources for you to help with security planning for the upcoming year

Get Your Free Resource Kit Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews