For many the Black Friday sales have become as much a part of the British retail calendar as Christmas itself. It’s time to tick off a lot of your Christmas shopping list and finally grab those deals you’ve been waiting for all year.

But while shoppers are preparing to spend, fraudsters are waiting behind their screens preparing to steal. Every November, the combination of excitement, urgency and online noise creates the ideal environment for cyber criminals. They know that people are distracted, emotional and eager to buy before stock runs out and they exploit that window with ruthless efficiency.

This year, UK shoppers are expected to spend almost £14 billion over the Black Friday weekend, with an average outlay of £299 per person, up £83 on last year. Even with tighter household budgets, one in three consumers plan to spend more this year. That scale of activity makes it a goldmine for criminals.

Between November 2023 and January 2024, UK shoppers lost over £11.5 million to online scams with each victim losing an average of £695. As criminals become more sophisticated and AI makes it easier to create convincing fake content it’s predicted that losses could be even higher this year. Even if only a small percentage of shoppers fall victim, millions of pounds could be lost in a matter of days.

The new shape of fraud

Black Friday scams have evolved beyond the crude phishing emails of the past. Today’s attacks are sophisticated, realistic and fast-moving. The widespread use of generative AI means that creating convincing fake retailers or product campaigns now takes minutes rather than days. Fraudsters can create entire websites, complete with fake branding, AI-written reviews and realistic payment pages, all designed to harvest details or take your money without sending you a thing.

Fraudsters are also taking advantage of the new shopping landscape. Amazon remains the most popular Black Friday destination, attracting around 76% of UK shoppers, but there’s been a rapid rise in activity across newer marketplaces such as Temu (22%), Shein (21%) and TikTok Shop (14%). These platforms are relatively young, and consumers are still learning what their legitimate communications look like which makes them an ideal cover for impersonation scams.

“Buy now, pay later” schemes are also playing a smaller role this year, with only 17% of shoppers expected to use them. That may sound safer, but it also means more people are paying directly via card or, worse, by bank transfer. Criminal groups favour direct transfers because the money is instantly moved and subsequently difficult to trace or recover.

Common Scams

Fake retail websites

Fraudsters replicate well-known brands or invent entire fake shops, often with addresses that look almost identical to legitimate ones. They’ll use paid search results or sponsored social media ads to appear near the top of your feed. The site will take payment but never deliver the item you think you’ve bought. Scammers are increasingly using AI-generated ads that imitate real brands – including sponsored or “suggested” posts that lead to fake sites. If a deal looks too good to be true or the website URL looks slightly off, take it as a warning sign.

Phishing and verification scams

Emails and texts promising exclusive deals or “account security checks” remain an ongoing problem. The designs are highly convincing, as they often use real logos and phrasing lifted directly from trusted retailers. The goal is to collect login credentials or payment data. Watch for subtle clues e.g. email addresses with small spelling mistakes, generic greetings like “Dear customer,” or urgent messages claiming your order will be cancelled unless you act fast.

Social media giveaway scams

Scammers often impersonate brands on platforms like Instagram, Facebook and TikTok, using near-identical names and logos. They’ll comment under genuine posts, urging users to “DM us to win a prize” or “claim your reward.” Real brands post giveaways through verified accounts with clear rules and never ask for personal or payment details to receive a prize.

Marketplace and courier scams

On social platforms and trading sites, criminals advertise sought-after goods such as high-end electronics, gaming consoles and designer clothes all at what looks like very attractive prices. Victims are persuaded to pay via bank transfer, sometimes with added “courier” or “insurance” fees, once the payment clears the seller vanishes. During busy delivery periods, scammers also send fake “missed delivery” or “package delayed” texts, often pretending to be from Royal Mail or Evri. These messages include links to fake payment pages asking for a small “redelivery fee” – it’s important to never click them. Instead, check your delivery status through the courier’s official website or app.

AI-powered manipulation

AI tools are now used to create fake customer reviews, cloned product photography and even videos featuring fabricated “staff” or “influencers.” These assets are designed to add credibility to fake sites and can trick consumers into a false sense of trust.

Why we keep falling for them

Fraudsters don’t rely on technology; they rely on people. Every scam is designed to manipulate emotions – urgency, greed, trust, or fear. The more time pressure a person feels then the less likely they are to question what they see.

Black Friday messaging is built around speed and scarcity such as “only a few left” or “ends in minutes.” That same emotional push that drives legitimate sales is the fuel for scams. Combine this with a professional-looking website and customer reviews, and even the most cautious person can make a rushed decision.

Confidence can also be dangerous. Surveys consistently show that most shoppers believe they can spot a scam, yet the number of victims remains stubbornly high. Overconfidence leads to shortcuts and shortcuts are exactly what fraudsters depend on.

How to protect yourself this season

• Go straight to the source. Type the retailer’s address into your browser rather than clicking on links from emails or social media posts.
• Check the website address. Look carefully for extra letters, hyphens or spelling variations in the URL.
• Pay with a credit card whenever possible. Purchases between £100 and £30,000 are protected under Section 75 of the Consumer Credit Act.
• Avoid direct bank transfers and cryptocurrency payments. Once the money is sent, it’s usually gone for good.
• Turn on multi-factor authentication for accounts such as PayPal, Amazon, and your email.
• Use strong, unique passwords and consider a reputable password manager to help manage them.
• Be cautious of urgency. Real retailers don’t threaten to cancel your account or withdraw a deal within minutes.
• Cross-check prices. A deal that’s dramatically lower than elsewhere is often a fake or counterfeit.
• On social media, only engage with verified brand accounts – look for the verification mark and established follower history. Avoid clicking links in comments or direct messages even if they appear genuine.

If something feels off, stop. There’s no such thing as a “too good to miss” deal that isn’t worth spending an extra 60 seconds verifying.

If you think you’ve been caught out

Contact your bank or card provider immediately. The faster you report it, the greater your chances of recovering funds or blocking further damage. Report the incident to Action Fraud and forward any suspicious emails to the official phishing reporting service. Even if you’ve avoided loss, reporting helps stop others falling for the same scam. You can report scams online at actionfraud.police.uk or by calling 0300 123 2040.

Stay alert

Black Friday and Cyber Monday are no longer weekend events; they’re extended online marketing seasons, and for scammers this means extended hunting seasons. With billions of pounds expected to change hands and AI lowering the barrier to entry, scams are becoming harder to detect and easier to launch.

Take your time, double-check every link, and never let urgency override common sense a genuine deal will still be there after you’ve verified it.

And if you’re still wondering what to buy for the person who already has everything, consider giving them something that strengthens their online safety: a password manager, identity protection service, or VPN – they’ll deliver real value long after the sales are over.