Holiday scams spike during Black Friday as scammers target shoppers
newYou can now listen to Fox News articles!
The holiday season is both the happiest and most dangerous time of the year to be online. As millions of us prepare for Black Friday and Cyber Monday deals, scammers are doing the same.
Every year, they target holiday shoppers with fake websites, “too good to be true” deals, and scam emails that look identical to legitimate retailers. But here’s the part that most people miss: scammers don’t just rely on luck. They already have your personal data before you click “Add to Cart”.
From leaked email addresses to exposed phone numbers and home addresses, your personal information is bought and sold by data brokers, companies that collect and resell detailed profiles about you. These profiles are exactly what scammers are using to send realistic “order confirmations,” fake delivery alerts, and “urgent payment” texts during this holiday period and beyond.
Let’s explain how it works and what you can do now to stay safe before the holiday chaos begins.
Retirees lose millions to fake holiday charities as scammers take advantage of seasonal generosity
Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter.
Scammers ramp up fake websites and emails during the holiday shopping rush. (Istock)
Why scammers love the holiday season
November through December is a goldmine for cybercriminals. According to CISA, reports of online shopping scams rise during this time of year and vary in their methods. the reason? We let our guard down when we rush, get distracted, or get excited about a deal. Staying alert during the holiday season can help you avoid data exposure and financial losses. Here are some of the most common scams you should be aware of.
Illusion stores
The rise in promotions during the holiday season is the perfect time for “ghost stores” to flourish. It is a fraudulent store that mimics the interface and products of a well-known brand. Once you purchase from this website, you will never receive your order because the store does not actually exist.
Real world example: The fake IKEA websites appeared with URLs spelled “ikeaa-sale.com” and “ikea-blackfriday.shop,” imitating the official ikea.com interface with copied product images, logos, and discount banners.
They lure shoppers with huge discounts and clearance offers to steal credit card data. Eventually, they were reported and removed, but the damage had been done.
What to do? Always check the URL of the store you are shopping at and only click on links from the store’s official website or social media.
Delivery scams
According to recent research, some of the most popular shopping apps like Temu sell your location data to third parties. It is not surprising that you may receive fake text messages.
Your leaked data fuels real-life online “order” and “delivery” scams. (Istock)
Major companies, including GOOGLE and DIOR, suffered a massive sales force data breach
Real world example: Temu is a popular app that scammers use to imitate. They can easily find your contact information and order details to send you a text message saying “Your order could not be delivered”. Each text contains a phishing link that can install malware on your device or steal your personal information. This is why Temu warns its users about the delivery companies they cooperate with.
What to do? Make sure the text messages you receive come from a legitimate courier service and check them again on the store’s website.
Fake order emails
Some scammers use sophisticated phishing techniques to lure victims. They tailor emails from well-known brands, use an urgent tone, place malicious links and urge you to click on your order status. In fact, there is no order status, they are stealing your data.
Real world example: Amazon is one of the largest online retailers worldwide, and this makes the brand easy to imitate. Scammers send emails on behalf of Amazon to try to steal customers’ personal data because it is highly likely that their victims have used Amazon, making it less suspicious. However, phishing emails have some signs you can look for.
What to do? Never click on any suspicious links and always check the sender’s contact information.
Exposure to unwanted data
When you shop online, you should be aware of the data you share, including your contact information, shopping habits, credit card details, and more. All stores collect some type of data about you. However, some companies collect more than you think.
Real world example: The infamous Target controversy in 2012 exposed how major retailers used data analysis to predict your shopping behavior. The company collected shopping data and was able to produce a predictive model for soon-to-be mothers.
They sent out brochures containing baby clothes, coupons for baby formula and more before customers even knew they were pregnant. Fortunately, modern shopping looks a little different. You may opt out of the collection of certain data and exercise your right to have personal information removed from websites that collect it.
What to do? Check what data stores collect about you and ask to remove any private information you don’t want them to have.
The truth behind those mysterious shipment emails in your inbox
How scammers find you
Imagine you are browsing for gifts online. Within minutes, your activity creates data points — device information, IP address, and browsing habits that feed online databases. Meanwhile, data brokers already have your full profile: age, income, address history, family members and even shopping behavior. These profiles are sold to marketers and often leak into criminal databases.
That’s why fraudulent calls, texts, and emails often appear “real.” They use your name, the appropriate retailer, and even your city. They don’t guess. They’ve bought your digital footprint.
The “vacation cleanup” your data needs
Most people clear their browser’s cookies or delete old emails to “preserve their privacy.” But that’s like locking your front door while leaving all your personal documents in the garden.
If you want to prevent scammers from targeting you this holiday season, you need to remove your personal data from the source, the data broker databases that fuel these scams.
This is where the data removal service comes into play. Although no service can guarantee complete removal of your data from the Internet, a data removal service is truly a smart choice. It’s not cheap, and neither is your privacy. These services do all the work for you by systematically monitoring and scraping your personal information from hundreds of websites. This gives me peace of mind and has proven to be the most effective way to clear your personal data from the Internet. By limiting the information available, you reduce the risk of fraudsters cross-referencing data from breaches to information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free check to see if your personal information really exists on the web by visiting Cyberguy.com.
Get a free check to see if your personal information is already on the web: Cyberguy.com.
Practical steps before shopping
To make sure your online shopping season remains stress-free and scam-free, here’s what CyberGuy recommends you do this week:
Inside the scammers’ day and how they target you
1) Run a privacy scan using a data removal service
Before the holiday rush, remove your exposed data from data brokers. You’ll reduce the number of scam calls, emails, and texts you receive this season and protect your financial information before it’s too late.
Control by removing personal data from broker databases before shopping. (Istock)
2) Secure your email
Use strong, unique passwords for each online store or service. Consider using a password manager to simplify this.
Next, check if your email has been exposed in previous breaches. Our #1 password manager pick has a built-in penetration scanner that checks if your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
3) Check for fake stores
Before clicking on a social media ad or email, hover over the link. Legitimate retailers use secure “https://” URLs and their exact brand name – no additional words or characters.
4) Avoid public Wi-Fi networks
Don’t shop or enter payment information over public Wi-Fi at an airport, café or mall, for example. Fraudsters can easily intercept unencrypted traffic.
5) Use credit cards or PayPal – not debit cards
Hackers are targeting online stores with a new attack
Credit cards have stronger fraud protection and make it easier to dispute unauthorized charges.
6) Enable two-factor authentication (2FA)
Turn on two-factor authentication (2FA) for your email, banking, and shopping accounts. Even if scammers get your password, they won’t be able to log in without a second verification step.
7) Keep your software and applications updated
Cybercriminals often exploit outdated browsers or applications. Update your phone, computer, and shopping apps before the holiday to close those vulnerabilities.
8) Monitor your banking and credit data
Check your accounts daily during the shopping season. The faster you spot suspicious charges, the easier it is to reverse and protect your funds.
Key takeaways for Kurt
Black Friday through Cyber Monday is prime time for data collection. Every purchase, coupon code and subscription adds to your profile maintained by marketers and data brokers. This information can remain online for years, long after the sales have ended. The good news? Regaining your privacy is easier than ever. By taking just a few minutes today, you can enjoy the holidays knowing that your personal data is no longer on the open market.
Click here to download the FOX NEWS app
How confident are you that your personal data isn’t already leading to fraud this holiday season? Let us know by writing to us at Cyberguy.com.
Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.