Skip to Content
Security & privacy

Fake Black Friday apps and websites are now out in full force

This year’s holiday online shopping spree is going to be the biggest ever. Based on the latest predictions, $124.1 billion will be spent on online shopping in November through December of this year. That’s one dollar for every six dollars spent overall!

The major online shopping days will be Thanksgiving ($3.3B), Black Friday ($5.9B) and naturally, Cyber Monday ($7.8B). This means online shopping will generate around $23.4 billion from Thanksgiving to Cyber Monday alone.

But do you know who’s also out in full force during the busy holidays? Yep, your good ol’ jolly cybercriminals.

With more online shoppers this time around -probing every nook and cranny of the web in search of the best Black Friday and Cyber Monday deals – crooks are looking to capitalize and victimize unsuspecting bargain hunters.

You better watch out for Black Friday scams

A new report from cybersecurity firm RiskIQ reveals that criminal activity involving Black Friday scams have significantly increased since 2016.

And with this year’s record-breaking sales projections, scammers are upping the ante even further!

These criminals are not just looking to steal your stocking-stuffer money. They’re after your sensitive personal information, too, so they can use it for identity fraud and banking scams. How are they doing it?

Fake Black Friday apps

Based on RiskIQ’s analysis, one popular method for crooks is via fake Black Friday apps.

The company ran a query of popular retailer brand names alongside the keywords”Black Friday” against its global blacklist and mobile app database and found that 237 (5.5%) of the total 4,324 results are malicious. Running the same query with “Cyber Monday” instead yielded 44 malicious apps out of 959.

Although RiskIQ did not reveal the top retailer brands that they tested, their analysis revealed 6,615 malicious apps that were pretending to offer holiday shopping deals but in reality, they are scams.

And don’t even think that you’re safe if you’re using apps from the official app stores. RiskIQ noted that the Google Play store hosted most of the blacklisted apps found in the second quarter of 2018.

Fake Black Friday websites

Another method that crooks are employing to victimize deal hunters is through malicious websites.

RiskIQ’s analysis outed more than 1.451 blacklisted web addresses and URLs that referenced “Black Friday” or “Cyber Monday.” These sites are dangerous since they are known for malvertising, malware and phishing scams.

Click here to check out RiskIQ’s full report.

How to protect yourself from holiday scams

Here are three ways that hackers try to trick you into parting you with data, and what you can do about it.

Phishing scams

Phishing techniques usually come in the form of spam emails advertising special sales and phony gift cards. But more sophisticated con artists will set up realistic-looking online shops. To put it mildly, if one of these merchants receives your payment information, you will get more than you bargained for.

Counterfeit items

Counterfeit and resold items from major retailers have become very popular in recent years. Online shoppers can’t hold an object and assess its quality, and conmen love to sell fake products for big markups.

Unless you’re the kind of person to get into a fist fight over a Cabbage Patch Doll, you should probably wait until just after Christmas to secure that perfect gift, since most companies restock hard-to-find items once the shopping craze is over.

You’ll also see prices dropping throughout January, especially online. Resold items are usually a rip-off, and it’s worth waiting a few weeks for these predatory vendors to fizzle out.

Counterfeit items are hard to spot, but your best guide is the rating system available on most sites. If a store has a 55% approval rating and has only made 30 transactions, that’s a very bad sign. Customers are usually quick to criticize a bogus company and report faulty products.

Data breaches

When scammers create fake websites, they’re often seeking more than your credit card information: They may want to steal your identity as well. If an unfamiliar website is asking for more information than you would normally enter, you should probably stop your purchase until you’re sure the website is safe.

One way to protect yourself from a breach is to shop from dependable merchants, but that doesn’t necessarily mean you’re 100% safe. As we’ve seen from the past, hackers focus on large companies to steal logins, passwords and credit card information.

But even if a company name and logo are familiar, keep an eye out for fake emails, shopping apps and URLs that imitate real companies. Be suspicious of any mysterious gift cards and offers for free gifts from retailers you have never dealt with. Most importantly, never give out personal information on the internet unless you are 100% confident that the site is real.

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started