Bitdefender Antispam Lab reveals the 2023 Black Friday scam agenda. Stay in the know to avoid getting phished this shopping season

Although the Black Friday shopping frenzy has already begun in some parts of the world, million of consumers are still updating online shopping and wish lists in anticipation of 2023’s best shopping deals.

Between hefty discounts that can save you good money, Black Friday sales events make a highly profitable playground for cybercrooks seeking to siphon some of the billion-dollar profits.

The online hazards that await consumers on Black Friday are endless, with scammers reaching out to targets via emails, texts and social media. Some scams are dead giveaways, while more ‘hard-working’ cyber thieves aim to deliver more sophisticated ruses to eager online shoppers.

Millions of individuals fall victim to scams every year, but pre-Christmas season sales are the busiest times for cybercriminals.

In the past couple of weeks, researchers at Bitdefender Antispam Lab have been relentless in monitoring Black Friday spam volumes to keep you informed about relevant email-based scams so you can safeguard your money and data.

Unsolicited Black Friday emails (spam) come in all shapes and sizes, including benign unsolicited correspondence (brick-and-mortar marketing emails meant to attract shoppers).

But we’re not here to talk about aggressive marketing schemes that end in your inbox, presumably, by the dozen, during peak sales times.

In this article, courtesy of Bitdefender Antispam Lab, we would like to address the email-based threats (scams) exploiting the buzz surrounding Black Friday.

With the help of our antispam researcher Viorel Zavoiu, we’ve compiled some interesting stats for Black Friday scam topics and trends adopted by fraudsters this year.

Here’s what we found:

• The Black Friday spam rate, although barely existent by the end of spooky month, has grown consistently during the past weeks, with the largest peak at 22% noticed on Monday, Nov 13 (see Fig. 1). The rate of spam emails (both marketing and scams) will undoubtedly continue to grow throughout the official Black Friday week.

• According to Bitdefender Antispam filters, only 56% of all Black Friday-themed spam delivered between Oct 26 and Nov 13 was a legitimate marketing lure. The remaining 46% were marked as scams.
• Some scam campaigns impersonated big names in retail including Amazon, Walmart, Target, Kohl’s and Lowe’s, while others lured shoppers with huge sales and promotions on luxury bags and accessories (Louis Vuitton, Ray Ban and Rolex) and smart gadgets
• Although the US maintains its position as the number one recipient of Black Friday spam (by volume), shoppers in France (up 10 percentage points compared to our 2022 stats) are the second-most targeted consumers this year, receiving 15% of the entire volume of Black Friday-themed emails (see Figure 2). Shoppers in Ireland, Germany and Denmark were also popular among spammers.

• Another surprise this year is the top source of Black Friday spam, with 39% of such spam (by volume) sent from IP addresses in the Netherlands. The US shed 25% percentage points compared to our 2022 report, coming in second at only 24% (see Figure 3).

• The most impersonated brands in the scam correspondence include Amazon, Sam’s Club, Aldi, Walmart, Target, Lowe’s, Lidl and Argos.
• In line with Black Friday scams, we also analyzed some of the most targeted industries in phishing campaigns delivered in the past 16 days. Bitdefender telemetry shows the finance industry as one of the most targeted, at 34%, with retail coming third, at 13%.
• Black Friday shopping scams also go hand in hand with traditional phishing schemes delivered throughout the year. Between Oct 26 and Nov 13, Bitdefender caught phishing campaigns trying to hijack Amazon, eBay, and PayPal accounts, as well as financial phishing targeting shoppers’ bank accounts. For example, on Nov 6, 42% of the entire PayPal-themed correspondence (by volume) received by users was marked as a scam, while 25% of the entire Amazon-themed correspondence (by volume) received by users on Nov 13 was a scam.

A taste of the 2023 Black Friday scams you need to be aware of to protect your identity and money

Armed with years of experience, scammers continue to target enthusiastic but unaware consumers with an assortment of “amazing deals” to steal identities and commit fraud.

The 2023 scam agenda looks similar to the one from 2022, as cybercrooks stick to their old tricks, recycling bait they know works. A large chunk of Black Friday scams received by internet users in the past weeks sought to lure recipients with opportunities to claim exclusive early Black Friday deals, promotions and free gift cards or prizes from popular retailers.

Some of the email scams also showed clear signs of fraudsters using geo-targeting tools to tailor their attacks to specific locations, while others were geo-restricted (e.g. emails impersonating Lidl and Aldi’s), meaning that cybercriminals restricted access to websites based on the location of the targeted recipients.

To give you an example, scams sent to Spanish shoppers were geo-restricted to IP addresses in Spain. Some of the fraudulent emails also contained poison text or long blocks of usually hidden text meant to defeat keyword-based spam-filtering software.

As mentioned, the Black Friday fraud portfolio of 2023 contains a never-ending list of giveaway scams purportedly sent from well-known names in the consumer staples sector. The main objective of the fraudulent emails is to steal the recipient's personal information and payment card data through bogus surveys and fake prizes (golf carts, smart gadgets, $1,000 gift cards and kitchen appliances) that require small shipping fees.

Popular email subjects include:

• Claim your chance to win a $1.00 Amazon voucher
• Get into the spirit of Black Friday with a $500 ALDI Gift Card!
• [Black Friday] Save More, Shop More: Discount Designer Watches at Huge Discounts - Act Fast!
• Unbeatable Black Friday Deals: Grab the Latest Gadgets Now
• Sam's Club Early Black Friday Gift is here...

Scam samples can be found below:

The holiday shopping season is prime time for cybercrime. Don’t let your guard down, and stick to good cyber hygiene to fend off malicious and fraudulent shopping links you may unknowingly access this month.

Check out our dedicated guide for safe Black Friday and Cyber Shopping, here.

Leave it to us to PROTECT YOUR IMPORTANT this November and beyond!

Add an extra layer of security and privacy to the digital you when shopping with Bitdefender Premium Security. From best-in-class and award-winning protection for Windows, Mac, Android and iOS to ensure safe and scam-free browsing to VPN and a handy Password Manager, you can enjoy a safe shopping experience and protect your money and identity.

Read more about our security, privacy and identity protection solutions, here.