As Thanksgiving and Black Friday approach, so do the risks of fraudulent shopping scams. Cyber criminals take advantage of shoppers eager to benefit from the exceptional sales available on Black Friday. In preparation for this shopping season, Check Point Research has examined the activities of these cyber criminals. They found a significant increase in malicious websites related to Black Friday. Additionally, researchers noted that phishing emails have remained consistent, indicating that it is easy for cyber attackers to recreate these scams.
In this blog, we will explore the new websites and phishing emails that appear ahead of Black Friday.
New “Black Friday” Websites
As each year draws near to the much-anticipated Black Friday after Thanksgiving, many new websites emerge, often bearing names that resonate with the shopping extravaganza. This phenomenon reaches its zenith during the week of Black Friday when the activity peaks. A comparison with previous years reveals a striking trend: in the weeks leading up to this significant shopping event, the rate of registered new websites surged tremendously. For instance, this year, the number of newly established websites linked to Black Friday two weeks before the event has skyrocketed, showing an 89% increase compared to 2023. Even more impressively, this figure has more than tripled when stacked against the numbers from 2022, indicating a robust and growing interest in capitalizing on the shopping frenzy surrounding Black Friday each year.
While not all of these websites are designed with malicious intent, our analysis reveals a concerning statistic: approximately 3% are categorized as risky or outright malicious, with virtually none classified as “safe.” The overwhelming majority of these sites remain shrouded in ambiguity, typically displaying a default “parked” webpage cluttered with advertisements and links. This benign appearance can quickly transform, turning them into platforms for phishing attacks.
The malicious websites Check Point Research has observed signals a troubling trend. The websites not only impersonate well-known global brands but also target smaller, boutique brands that may be less recognizable. Interestingly, many of these fraudulent sites exhibit similar design elements and formatting, suggesting the possibility of a coordinated operation behind these deceptive practices.
The following are examples of fake “Black Friday” brand websites:
- Stüssy (Steatwear): stussycanadablackfriday[.]com
- Longchamp (Bags): longchampblackfriday[.]com
- Wayfair (Online Home Store): wayfareblackfriday[.]com
- SOREL (Footwear): soreloutletblackfriday[.]com
- Crew (Retail): jcrewblackfriday[.]com
- IUN (Footwear): blackfriday-shoe[.]top
Recurring banners on fake “Black Friday” websites (note the grammatical error in the first banner).
The display of similar product and pricing can be found on the following sites: jcrewblackfriday[.]com, soreloutletblackfriday[.]com and longchampblackfriday[.]com
wayfareblackfriday[.]com still seems as work-in-progress by the attacker – displaying wrong items and unrelated inline text
|
Brand |
Rolex |
|
|
Year |
2023 |
2024 |
|
Subject |
[Black Friday Special Offer] Rolex Watches Start at $250 Today! Shop Online Now! |
[Black Friday] Top Luxury Watches Starting at $250 – Shop Today! |
|
From |
Rolex Watches |
Hot Rolex |
|
Fake Website |
www[.]hotwatch[.]su
|
www[.]lzrox[.]co
|
|
Brand |
Louis Vuitton |
|
|
Year |
2023 |
2024 |
|
Subject |
[Black Friday] Louis Vuitton Bags Up To 90% Off! Top Quality Low Cost! Shop Online Now! |
[Black Friday]Louis Vuitton Bags Up To 90% Off! Top Quality Low Cost! Shop Online Now! |
|
From |
Louis Vuitton |
Louis Vuitton |
|
Fake Website |
www[.]85off-lvbags[.]com
|
www[.]hottest-bag[.]com
|
Shopping Safely with Security Tips
To help online shoppers stay safe this year, following some practical security tips is essential. First, always check URLs carefully for misspellings or unusual top-level domains, as these could indicate counterfeit sites designed to steal your data. Create strong, uncrackable passwords for your accounts, particularly for platforms like Amazon. Ensure the website URL starts with “https://” and has a padlock icon, signaling a secure connection. Limiting the personal information you share with online retailers is also wise, avoiding unnecessary details like your birthday or social security number. Be cautious with emails; phishing attacks often use urgent language to lure you into clicking links or downloading attachments—always verify the source. If a deal seems too good to be true, trust your instincts and avoid suspicious offers. Finally, credit cards over debit cards are preferred for online shopping, as they provide better protection and reduce liability in the event of theft.