Three Black Friday Scams to Watch Out For This Year

Phishing attacks happen all year round but are especially prominent around the end of November, with Christmas approaching and many people making purchases around Black Friday and Cyber Monday.

This year, UK cybersecurity firm Darktrace observed a 620% spike in Black Friday-themed phishing campaigns in the weeks leading up to both sales days.

The security firm also said it expects an additional 20% to 30% jump in phishing during the Black Friday week itself, which includes Thanksgiving and is followed by a holiday weekend in the US.

In a report published on November 27, Darktrace warned consumers of three types of typical Black Friday phishing scam tactics: brand impersonation, fake marketing domains and generative AI-powered fake advertisements.

Brand Impersonation Emails

Brand impersonation was one of the techniques that stood out to Darktrace analysts in 2025, with 201% more phishing attempts mimicking US retailers during the week before Thanksgiving and Black Friday (November 15-21) compared to the same week in October.

Amazon was the most impersonated brand, making up 80% of phishing attempts in Darktrace’s analysis of global consumer brands, which also included Apple, Alibaba and Netflix.

Additionally, fake emails that look like they’re from well-known US retailers like Macy’s, Walmart and Target were up by 54% during the same reported week.

Fake Marketing Domains

Another prominent Black Friday phishing campaign observed by Darktrace used fake domains purporting to be from marketing sites like ‘Pal.PetPlatz.com’ and ‘Epicbrandmarketing.com.’

Some of these malicious emails contain ‘deals’ for luxury items, such as Rolex watches or Louis Vuitton handbags, designed to tempt readers into clicking.

Others promote a made-up brand called Deal Watchdogs tied to “can’t-miss” Amazon Black Friday offers designed to lure readers into acting fast to secure legitimate time-sensitive deals.

Users who click on a link are redirected to a fake Amazon website where they are tricked into inputting sensitive data and payment details.

GenAI-Powered Emails

Finally, generative AI-powered phishing emails are “the biggest shift seen in phishing in recent years,” said Darktrace, with 27% of phishing emails observed in 2024 containing over 1000 characters, suggesting LLM use in their creation.

In one proof-of-concept (PoC) example, a Darktrace analyst with no technical background created an email that looks and feels like a genuine Black Friday offer with only two prompts given to a general purpose chatbot relying on a large language model (LLM).

“Anyone can now create convincing brand spoofs, and they can do it at scale. That makes it even more important for email users to pause, check the sender, and think before they click,” the Darktrace blog noted.

This content was curated and authored by Azaeo based on information publicly available on the pages cited in Sources.
