International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 15 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Black Friday 2025: Smarter, Faster and AI-Powered Scams Drive a Surge in Cyber Threats

by Guru Writer
November 26, 2025
in Featured
Share on FacebookShare on Twitter

As retailers prepare for another record-breaking Black Friday, cybersecurity experts are warning that this year’s threats are not only bigger than ever but far more intelligent, automated and difficult to spot.

Fresh data from Check Point, KnowBe4 Threat Labs and other cyber specialists note that attackers are using AI, automation and brand impersonation at industrial scale, exploiting the intensity of the shopping weekend to steal credentials, identities and payment information.

Fake retail sites multiply as attackers use AI and automation

According to Check Point Research, malicious activity tied to Black Friday is rising sharply. One in 11 newly registered Black Friday-themed domains has already been classified as harmful, with criminals spinning up fraudulent sites faster than retailers can report or shut them down.

Brand impersonation remains a core tactic, as 1 in 25 new domains mimicking Amazon, AliExpress and Alibaba has been flagged as malicious. Recent phishing campaigns spoofing HOKA and AliExpress demonstrate how attackers are exploiting high-demand brands to lure victims into sharing login credentials and payment details through convincing fake storefronts.

Omer Dembinsky, Data Group Manager at Check Point Research, said attacks this year “aren’t just bigger; they’re smarter, customised and automated.” Criminals are relying on AI-style templating, mass domain generation and sophisticated replica sites that look indistinguishable from the real thing.

“The best defence is prevention,” Dembinsky added. “Don’t trust a Black Friday link just because it looks real. Verify the domain, use security tools that can validate newly registered sites, and think twice before entering your credit card as you’re one click away from handing over your identity.”

Phishing surges ahead of Black Friday and Amazon leads UK impersonation

New findings from KnowBe4 Threat Labs reveal that out of 27,061 Black Friday-themed phishing emails observed globally, the vast majority (84.30%) impersonated “Deal Watchdog” alert services designed to create urgency around limited-time offers.

In the UK, Amazon was the most impersonated brand, with attackers overwhelmingly using credential-harvesting links as their main payload. UK activity began unusually early this year, with attacks starting on 3rd November and peaking on 10th November, well ahead of the shopping weekend.

Javvad Malik, Lead CISO Advisor at KnowBe4, warned that the psychological pressure of discounted deals is exactly what scammers rely on.

“The combination of time-limited deals and high demand means people often act quickly without taking the usual precautions,” he said. “Taking a moment to verify a website, examine a link or double-check a deal could be the difference between a great saving and becoming a victim.”

AI is fuelling more convincing scams than ever

Keeper Security says AI-generated content is behind much of this year’s sophistication. Fake order confirmations, AI-generated customer service chats and spoofed retailer sites are now near-perfect replicas of legitimate communications, making them harder than ever to spot.

Anne Cutler, Cybersecurity Expert at Keeper Security, explained: “Where there’s money and momentum online, cybercriminals invariably follow—and Black Friday delivers both in abundance. This year we’re guaranteed to see ever more sophisticated scams, primarily fuelled by artificial intelligence.”

Keeper’s global research shows identity-based attacks remain the top concern for cybersecurity leaders in 2025, with stolen credentials continuing to be the leading cause of data breaches.

“The simple truth is that if an attacker controls your identity, they also control your access to everything, ranging from sensitive financial information to social media accounts,” Cutler added. She stressed the importance of strong, unique passwords, MFA and monitoring unusual login activity.

Stick to “Brightly Lit” Parts of the Internet, experts warn

Privacy experts emphasise that consumers must stay vigilant as they hunt for bargains. Chris Hauk, Consumer Privacy Advocate at Pixel Privacy, advised shoppers to go directly to retailer websites instead of clicking ads or pop-ups, many of which lead to expertly forged scam pages.

He added practical reminders:

  • Avoid public WiFi for shopping or banking

  • Use secure payment methods like Apple Pay or Google Pay

  • Buy gift cards only from official retailers or trusted resellers

Paul Bischoff at Comparitech echoed similar safety fundamentals:

  1. Never click links or attachments in unsolicited emails

  2. Never switch communication/payment channels outside the marketplace

  3. If a deal feels rushed, take a step back—it may be a scam

Brian Higgins, also from Comparitech, warned that delivery scams spike during major retail periods, with fake package-fee notifications being especially common as shoppers await parcels. “Don’t buy anything really essential unless you trust the vendor. And if you can afford it, sign up for one of the Credit Monitoring services as they will let you know if you start to buy stuff you’re not aware of,” he cautioned.

Black Friday doesn’t have to be a hacker’s payday

Despite the rising threats, experts agree that a few proactive steps dramatically reduce risk. Strong passwords, MFA, domain checking, secure payment methods and scepticism toward unsolicited messages remain the most effective protections.

As Cutler noted: “A few proactive steps, coupled with an identity-first mindset, can make the difference between a money-saving bargain and a costly breach.”

With AI-powered scams growing faster than ever, the message from security researchers is to enjoy the deals, but shop with caution and never let urgency override judgement.

ShareTweet
Previous Post

How User Education Can Become the Strongest Link in Casino Security

Next Post

Cyberattack on Multiple London Councils Exposes Fragility of Shared Public-Sector Systems

Recent News

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026
Lidl Confirms Data Breach After Third-Party IT Provider Hack

Lidl Confirms Data Breach After Third-Party IT Provider Hack

July 14, 2026
Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

July 14, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

AI has crossed from assistant to operator, Check Point research warns

July 14, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol