10 Black Friday scams and tips to avoid them

Data from the Federal Trade Commission (FTC) shows that online shopping fraud was the second most common type of fraud in 2024, with over 380,000 reports resulting in $432 million in consumer losses. And, with Black Friday driving record e-commerce sales, there’s no better opportunity for scammers to exploit distracted shoppers.

From fraudulent online shops promoting made-up discounts to opportunistic scammers sending fake delivery notification texts to capitalize on peak shopping season, there are plenty of risks to watch out for.

We’ll break down the most common Black Friday scams, how fraudsters lure you in, what red flags to watch for, and practical steps you can take to protect your data and your wallet.

1. Fake online stores

Scammers create fake online stores by cloning retailers’ webpages — complete with logos, product photos, descriptions, and even lookalike domain names — hoping to trick unsuspecting shoppers into thinking they’re on a legitimate website.

If you attempt to make a purchase on one of these counterfeit stores, you’ll be sent to a fake checkout page designed to steal your personal or financial information. Scammers can then use any information you provide to commit fraud or identity theft.

To avoid online shopping scams over the Black Friday and Cyber Monday period, make sure to check the websites you’re visiting carefully. Fake websites might look convincing, but there will be subtle red flags if you pay close enough attention, including:

• URL misspellings: A fake website URL will include letters or numbers that don’t appear in the authentic URL. A scammer might create a fake clone of bestbuy.com with a lookalike URL like be5tbuy.com, for example.
• No HTTPS or tune icon: All legitimate retail websites will use HTTPS, a protocol that establishes a secure connection. If you visit a website that only uses HTTP, your data might be at risk. You can check this by inspecting the URL or looking for a tune (controls) icon in your address bar.
• Recent domain registration: If a website you visit is hosted on a domain that was only registered recently, you should treat it as a red flag. If you’re ever suspicious, you can check how old a domain is by running a WHOIS lookup using a free tool like whatsmydns.net.
• Inconsistent contact info: Legitimate websites should include real contact information, like an address and phone number, that matches what appears elsewhere. If you visit a website with different contact information than the brand’s social media page, for example, it might be a fake.

These scams can trick even sophisticated tech users. PCWorld writer Michael Crider nearly fell for one, discovering a fake version of a legitimate retailer’s website, with “USA” included in the URL, in Google’s search results. It offered the same stock at a tempting 50% discount. But a quick WHOIS lookup revealed the domain was newly registered overseas and wasn’t connected to the real company.

It’s not just retail websites that get cloned. You might also encounter Black Friday travel scams, for example, with fraudsters creating fake airline or travel agency websites that try to lure you in with fake discounts on flights or hotels.

2. Account verification scams

Some Black Friday scammers may send phishing emails or smishing texts impersonating trusted companies, retailers, banks, or delivery services, claiming you need to “verify” your account or update your payment details. The goal is to trick you into clicking a link that leads to a fake website, where you’ll be prompted to enter your login credentials or credit card information.

A common Amazon scam revolves around this tactic. The scammer sends an email with a threat that your account will be locked if you don’t verify your details. But the link leads to a fake version of the Amazon login page, and if you enter your login credentials, they’ll go straight to the scammer who can then hijack your account.

To avoid account verification scams around Black Friday, think hard about whether a request is real before responding or clicking any links. Here are a few ways to spot a fake email:

• Check the sender’s email address: Real emails will come from an address that features the company’s authentic domain name (like @amazon.com for emails from Amazon). If you get an email from a suspicious-looking email address, act with caution.
• Look for proper branding and language: Legitimate account verification requests will rarely have spelling or branding mistakes, and will never use urgent, threatening language designed to pressure you to act without thinking.
• Check your account independently: If you’re suspicious about a request to verify your account, log in to the website in question directly to see if any action is required. If the email request was authentic, it should be reflected in your account.
• Watch for unusual requests: Legitimate companies won’t ask for your full password, PIN, or payment info via email. If you get an email asking for these sensitive details, contact the company directly to confirm it’s real.

3. Fake social media ads

Scammers use social media platforms like Facebook, Instagram, and TikTok to post ads for popular products at deep discounts around Black Friday. These ads often mimic legitimate brands, with convincing images and branding.

The goal is to trick you into clicking the ad, after which you’ll end up on a fake online store where scammers will try to deceive you into sharing sensitive information or making a payment.

One Reddit user fell for a Facebook scam with a fake ad for matching Christmas pajamas from a brand she trusted, offering 70% off for Black Friday. The site looked legitimate, but after purchasing, she realized the website was fake. The real company confirmed the scam, and her bank wouldn’t refund her. She ended up losing her money with no products to show for it.

Knowing how to spot fake social media ads can help you avoid a similar fate. Here are signs that a Black Friday discount ad on social media may be fake:

• A too-good-to-be-true deal: While Black Friday might be known for steep discounts, literally unbelievable savings on popular items are very rare. If a discount seems too good to be true, it just might be.
• Research the company independently: If you see an ad for a product from a company you’ve not heard of before, search for the brand’s official site using Google and check user reviews before clicking it.
• Read comments and reviews on the ad: Many social media platforms, like Reddit and Facebook, allow users to comment on ads. Check if there are any warnings in the comments before clicking it yourself.

4. Counterfeit products

Counterfeit products are unauthorized replicas of branded goods, often poorly made and sold at a fraction of the regular price. They commonly mimic luxury brands like Gucci, Louis Vuitton, or Michael Kors, as well as mass-market brands like Adidas and Nike.

In the weeks around Black Friday, scammers capitalize on the demand for deals by posting counterfeit product listings on sites like Facebook Marketplace or eBay. These items are often advertised as Black Friday bargains, but if you buy, you may end up with nothing at all or a product of extremely poor quality, while the scammer keeps your money.

Use the following tips to reduce the risk of accidentally purchasing counterfeit items:

• Beware of unusually low prices: If the deal seems too good to be true, it probably is. Even Black Friday doesn’t reduce the price of premium branded goods to ridiculously low levels.
• Check product descriptions and photos carefully: Counterfeit listings on marketplace websites often reuse stock photos or have vague, copy-pasted descriptions that stand out as generic.
• Inspect customer reviews: If an online seller claiming to sell authentic branded goods has a poor review profile, with customers complaining about bad product quality, it’s a red flag they’re selling fakes.

5. Giveaway scams

Some scammers create fake Black Friday giveaways, often impersonating a trusted brand to claim you’ve won a free gift card, discount, or other prize. You might hear about your “win” in an email, text, or social media message, with the scammer using urgent language and suggesting you need to claim your prize quickly to avoid it expiring.

However, the way to claim your “prize” will often be to click a link included in the message, which will actually lead you to a fake website or survey designed to steal your personal information.

One fake Trader Joe's gift card giveaway is an example of a recent giveaway scam, involving scammers tricking people into providing personal information in exchange for a $750 Trader Joe's gift card. Of course, anyone who fell for the scam and shared their details never actually received the prize.

Knowing how to spot a fake giveaway scam can help you avoid getting duped. Look out for the following signs:

• The offer seems too good to be true: High-value or free gifts for little to no effort are a major red flag.
• You’re asked to claim the gift via a link: Legitimate retailers won’t send you a suspicious link to receive a free prize.
• Unfamiliar or suspicious senders: Check that the email, text, or message comes from a real account, not a fake.

6. Gift card scams

Gift card scams are a year-round threat, but they’re in full force during busy shopping seasons like Black Friday. They involve scammers trying to trick you into paying them with gift cards instead of credit or debit cards, leveraging the fact that gift card payments are untraceable and irreversible to hide their tracks and get away with your money.

In a gift card scam, the fraudster’s ultimate goal is to collect gift card codes and redeem or resell the value, leaving you with no product and out of the money you spent on the gift card.

Knowing how to spot gift card scams can help you avoid getting tricked. Look out for the following scam warning signs:

• Watch for gift card-only payment requests: No legitimate seller will require you to make a payment with a gift card. If a merchant doesn’t accept credit or debit card, or a secure online payment method like PayPal, don’t shop with them.
• Avoid sharing card codes: Never send the PIN or activation code of a gift card to a buyer or seller you’re transacting with. There’s nothing to stop them from redeeming the card’s value for themselves, and very little you can do to reverse it if they do.

7. Fake delivery notifications

Scammers target shoppers expecting packages by sending fake emails or texts that appear to come from carriers like USPS, FedEx, or UPS, claiming there’s an issue with your delivery or that a package is awaiting pickup. The goal is to trick you into clicking a link to track your parcel or request redelivery. But if you follow the link, you may put your data at risk.

The USPS text scam is one variant of this scheme, with scammers often claiming that your package won’t be delivered unless you click a link or pay a fee. The link may lead to a phishing site that looks like the real USPS website, but it’ll ask you to enter personal information or login credentials that’ll be sent straight to the scammer.

Here’s how to spot the scam to avoid getting duped:

• Check tracking info directly: If you’re trying to track a package, go to the delivery company’s official website and enter your tracking code. Don’t rely on links in emails or texts, as they could be fake.
• Verify sender info: Official delivery update notifications will come from recognized domains or phone numbers. If the sender’s info looks suspicious, treat it as a scam until you can prove otherwise.
• Watch for requests for payment or personal info: Delivery carriers will never ask for payment via email or text. If you get a request to pay a fee for your parcel to be delivered, ignore it.

8. Malvertising scams

Malvertising scams use seemingly legitimate online ads to spread malware or send shoppers to fake websites. These ads often mimic well-known retailers and, around Black Friday, might advertise “holiday deals.” But clicking them can install harmful software on your device that leaves your personal or financial information vulnerable.

Scammers push these ads aggressively during shopping spikes. In fact, research showed a 41% increase in malvertising scams ahead of Black Friday and Cyber Monday in 2024. The goal is to infect your device, harvest your data, or trick you into making bogus purchases.

Watch out for the following signs of malicious ads:

• Check offer details carefully: High-value or “free” deals from well-known brands are often a red flag that the ad is part of a scam.
• Verify URLs before clicking: Before clicking an ad, inspect the URL it leads to by hovering over the link (or long-pressing it on mobile devices). Misspellings, extra words, or unusual domain extensions might indicate it’s a fake website.
• Inspect landing pages: Generic layouts, low-quality images, or vague company details on a webpage you reach from a suspicious ad are all red flags signaling a scam. If you’re in doubt, leave the website.
• Avoid downloads from ads: Some malvertising ads will auto-start a download if you click them. Legitimate retailers don’t require that you download a file or extension to access a deal, so stop the download process immediately.

9. Fake sales and inflated prices

Some Black Friday “deals” aren’t real discounts at all. Retailers or scammers advertise products as being on sale by inflating the original price. This tactic creates a false sense of urgency and tricks shoppers into thinking they’re getting a bargain.

Federal law and state laws like California’s SB 478 prohibit advertising a price as a discount when the original price wasn’t available to the public for a sustained period.

Still, shady sellers and websites continue to use fake discounts to lure shoppers. Their goal is to drive impulse purchases at prices that aren’t really a deal.

Watch for these red flags when evaluating sales and discounts:

• Compare prices across multiple retailers: If the “sale” price matches or exceeds other stores’ regular price, it’s likely not a real discount.
• Check the product’s price history: Use tools like CamelCamelCamel or Honey to see if the “original” price was ever actually charged.
• Be skeptical of constant countdown timers: Legitimate deals rarely reset endlessly or stay “limited” for weeks.
• Look for disclosures: Real retailers must clearly state the conditions of a sale and not misrepresent original prices.

10. Vishing and impersonation calls

Scammers may take advantage of Black Friday to call and impersonate your bank, credit card company, or retailers, using voice phishing (vishing) techniques. They often say there’s a suspicious purchase or an urgent account issue and ask you to provide personal information, card numbers, or one-time verification codes. Their goal is to steal money or commit identity fraud by exploiting the holiday shopping rush.

Here’s how to avoid getting duped by a vishing scheme this Black Friday:

• Verify caller identity: If the phone call comes from an unrecognized number that your phone’s caller ID can’t identify, act with caution. However, bear in mind that scammers may also be able to spoof their phone number to look more legitimate, so don’t rely solely on this warning sign.
• Watch for urgent threats: Official institutions don’t pressure you to provide sensitive info over the phone, while scammers often claim your account will be suspended or purchases will be canceled if you don’t act immediately.
• Refuse to share codes or passwords: Legitimate companies never ask for full card numbers, PINs, or one-time verification codes over the phone. If you get asked for this information, you’re likely dealing with a scam and should hang up.

How to avoid Black Friday scams

The best defense against Black Friday scams is to stay vigilant and verify retailers before interacting with their content or making a purchase.

Follow these tips to shop safely:

• Only shop on trustworthy websites: Stick to official brand websites or trusted marketplaces that you already know and trust. Don’t be tempted to follow links to unfamiliar websites included in emails, ads, or social media posts.
• Check site security: Look for HTTPS encryption (recognizable with a tune icon in your browser’s address bar) before entering your payment details on a website.
• Don’t click suspicious links: Avoid clicking any links in emails, spam texts, or ads that seem unusual or advertise offers that seem too good to be true. You may end up downloading malware or visiting a fake website that aims to steal your sensitive data.
• Watch for urgency tactics: Be wary of countdown timers, limited stock claims, or other pressure tactics to rush you. Scammers often rely on false urgency to trick you into providing personal information or payment without thinking.
• Enable two-factor authentication: Using two-factor authentication (2FA) adds an extra layer of security to your accounts, helping protect against unauthorized access. This can keep your accounts safer if you accidentally reveal your login credentials to a scammer.
• Use secure payment methods: Pay with credit cards or trusted digital payment services like PayPal, rather than gift cards, wire transfers, or other less traceable and often irreversible methods of payment.
• Verify marketplace listings: If you’re shopping on platforms like Facebook Marketplace or eBay, check seller reviews, ratings, and profile history before making a purchase.
• Keep software up to date: Ensure your browser, antivirus software, and devices are updated with the latest security patches to help block malicious sites, malware, and scam tactics.
• Monitor accounts regularly: Check your bank and credit card statements frequently during the holiday shopping season, looking out for suspicious activity that might indicate a scammer has access to your financial accounts.
• Protect your personal information: Only ever provide necessary details to merchants you’re shopping with. Avoid sharing sensitive data a retailer doesn’t need, like your Social Security number (SSN), password, or PIN.
• Invest in identity theft protection: While many scams aim to get you to buy a bogus product, some scammers hope to get enough information to steal your identity. An identity theft protection service like LifeLock can help you reduce exposure of your personal data and detect early signs of identity theft, so you can take action to protect yourself.

What to do if you get scammed

If you fell for a Black Friday scam, the most important first step is protecting your finances. You can also help minimize damage by alerting your bank to the scam, resecuring any compromised accounts, and monitoring for any further suspicious activity.

Here’s a step-by-step guide covering what to do in the immediate aftermath of a Black Friday scam:

1. Stop interacting with the scammer: As soon as you realize you’re dealing with a scammer, stop all communication. Continuing to engage can increase your risk of additional fraud or phishing attempts.
2. Contact your bank and credit card company: If you’ve given the scammer financial information or made a payment, get in touch with your bank or credit issuer immediately. Ask about reversing or disputing fraudulent transactions, and consider temporarily freezing any affected payment methods to prevent further losses. While recovery isn’t guaranteed, acting quickly improves the chances of getting money back.
3. Change passwords: If you shared login credentials with a scammer, create a new strong password for potentially compromised accounts (and any other online accounts that share the same password). You should also enable 2FA for an added layer of protection against account takeover attacks.
4. Scan your devices for malware: Some scams may install malicious software on your device. If you clicked a link or ad, run a full antivirus or anti-malware scan on your device and remove any malware it finds.
5. Report the scam: Report the scam to the Federal Trade Commission (FTC) and Internet Crime Complaint Center (IC3) to help you get access to resources that aid your recovery. You’ll also contribute evidence that may help authorities track scam activity.
6. Check your credit report: Obtain a copy of your credit report for each of the three major bureaus and look for any unfamiliar accounts or inquiries that might signal credit fraud. Consider placing a fraud alert or credit freeze if you notice suspicious activity.
7. Monitor financial accounts: In the weeks and months after a scam, keep a close eye on your bank statements and credit card activity for unusual transactions.
8. Invest in identity theft protection: Identity theft protection services like LifeLock can help you monitor your credit, detect suspicious transactions, and get alerts if your personal information has been exposed on the dark web. This helps you protect your identity in the aftermath of a scam, reducing the risk that it spirals into more serious fraud.

Skip the scams this holiday season

Stay ahead of the scammers this holiday season by following the shopping safety tips above, and for additional peace of mind, join LifeLock Standard. It’ll help you monitor exposure of your personal information online so you can reduce the risk of being targeted by a scammer in the first place. And, if your information is compromised, LifeLock’s credit monitoring and 24/7 member support will be there to help you fight back.

FAQs

Is Black Friday a scam?

No, Black Friday itself isn’t a scam. It’s a legitimate shopping day with real deals. However, the high volume of sales attracts scammers who use fake sites, ads, and phishing emails to trick shoppers. Staying cautious of the risks and only shopping on verified retailer sites can help you avoid scams.

How can I check if a Black Friday deal is real?

To check if a Black Friday deal is real, verify the retailer’s website, compare prices across multiple stores, and be cautious of steep discounts or urgent sales tactics.

Are there Black Friday AI scams?

AI is sometimes used in scams to create realistic fake ads, emails, or websites that trick Black Friday shoppers. Scammers can use AI-generated images, text, or chatbots to make offers seem legitimate.

Should you store credit card info for Black Friday shopping?

It’s safer not to store credit card information on websites, even for Black Friday shopping. Storing payment info can make it easier for scammers to access your financial data if a site is compromised.