“Black Friday” Phishing Emails Are Proliferating

Last updated July 6, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

The thirst for consumerism is to be quenched in about ten days from now, when the 2020 “Black Friday” will arrive with (hopefully) amazing deals on all kinds of products. Especially this year, where everyone is stuck inside having little to do with the “physical” aspect of their lives, it has been a record-breaking time for buying electronics.

In numbers, Americans spent 21% more than they did in 2019, and the Chinese doubled the “Singles Day” record from the previous year, spending $74 billion in just 24 hours.

Hackers are well aware of what is happening and are already preparing their trickery as they want a piece of that delicious "money pie." As reported by Check Point, active phishing campaigns are already on a steep rise in November. Those using the “special offer” topic alone are 235 at the moment, whereas in October, there were 120 phishing campaigns of this kind.

Source: Check Point

The number of campaigns is an indication, but their size, volume, and reach play a key role as well. An impressive statistic relevant to this is that one out of every 826 emails is a “Black Friday” or “Cyber Monday”-themed message sent by a phishing actor. At the start of October, the rate was less than 1 in 11,000 emails.

As for the phishing emails' actual content, in almost all cases, the “special offers” are too good to be true. Discounts as high as 90% are typical in these cases, accompanied by spelling mistakes and landing URLs that don’t even bother to resemble anything close to the spoofed brand.

Of course, some actors make an effort to prepare well-crafted emails and web pages. Still, in the heat of the upcoming sales, the majority is betting on exploiting the sense of urgency that comes from time-limited and stock-limited offers.

Source: Check Point

If you are planning to buy stuff during Black Friday, there are several things you can do to ensure that you’re not running the risk of getting scammed.

First, you should visit the websites of the e-shops directly instead of using links that came via email. Secondly, you should beware of extreme bargains that make no sense at all, like seeing the iPhone 12 that is still selling like crazy being discounted by 80% or something like that. And thirdly, always check the signs of fraud, like misspelled words, wrong URLs, and absence of the HTTPS lock.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: