10 Black Friday scams to watch out for in 2026

The most common Black Friday scams

The most common Black Friday scams take advantage of the hype and hysteria that come with massive Black Friday discounts. Since the basis of Black Friday revolves around the idea of ​​deals that, on a typical day, would sound too good to be true, scammers have no trouble blending in and using this excitement to dupe online shoppers. With potential fraud lurking left and right, here are the 10 most common online Black Friday scams you should watch out for while shopping online.

• 1. Fake shopping websites

• 2. Black Friday sale scams

• 3. AI-powered scams

• 4. Fake delivery notifications

• 5. Fake order scams

• 6. Black Friday travel scams

• 7. Account verification scams

• 8. Fake coupons and vouchers

• 9. Fake charity scams

• 10. Gift card scams

1. Fake shopping websites

Threat actors may create replicas of legitimate websites to trick unsuspecting individuals into sharing their login credentials. Cybersecurity experts call this tactic website spoofing, a cyber threat that relies on the user not paying attention to essential details. Spoofed shopping sites closely resemble those of well-known retailers and have altered login fields that capture and send typed credentials (such as usernames and passwords) to scammers.

Since online shoppers frantically browse their favorite internet shops for deals during the Black Friday period, it's no surprise that the number of spoofed shopping websites can skyrocket. In fact, cybersecurity statistics paint a worrying picture. Researchers behind NordVPN's Threat Protection Pro™ service revealed that between August and October 2025, phishing attacks increased by 36%.

Researchers also revealed a 250% spike in the creation of fake shopping websites ahead of Black Friday. Impersonations of eBay and Amazon skyrocketed by 525% and 232%, respectively.*

Shoppers, eager to find the best deals before the items sell out, may miss signs of a spoofed website, such as a slightly different URL or unusual website visual designs (including low-quality pictures or oddly phrased slogans). 

If the target falls for the scam and gives away their login credentials, scammers gain access to the victim’s shopping account. With it, malicious actors can steal credit card information, restrict user access, and even try to steal the victim's identity. 

To avoid this scam, users should watch out for red flags, such as:

• Product prices that seem too good to be true.
• The lack of “https” in the website link or a lack of a padlock icon near the URL field.
• Misspelled or unfamiliar domains in the website’s URL (for example, links with extra letters or numbers written in places where letters should be).
• Limited or suspicious contact info on the website.
• Overly positive or repeating (copy-pasted) reviews.

2. Black Friday sale scams

Throughout November, scammers may run fake Black Friday deals and Black Friday sale scams that rely on bait‑and‑switch tactics and unrealistic discounts. These deals typically come in the shape of various online pop-up ads or mass emails with slogans such as “90% off” or “today only.” 

With these scams, malicious actors aim to lure potential targets into buying products that may not even exist. Some scammers might take the money and ship nothing. Others might send counterfeit products. No matter which option threat actors choose, the target always ends up losing money or worse, suffering from identity theft (typically through emailed links that lead to phishing sites).

Black Friday scam analysts note that in most cases, the scam “deals” mimic the offers of trusted retailers. That helps scammers blend in without raising much suspicion. However, you can still catch a potential Black Friday sale scam by looking for signs such as:

• Unrealistic discounts (for example, 90% off a high‑demand item).
• Timers and pressure to buy in minutes.
• Promises that feel too good to be true on hot products.
• Payment requests via suspicious links, crypto, or gift cards.
• The lack of secure and reputable payment options.

3. AI-powered scams

As if the number of Black Friday scams wasn’t large enough (we're not even counting Black Friday scams on the dark web), scammers have now upped their game by introducing AI as a means to level up social engineering. So-called AI-powered scams can mimic a brand's tone of voice, generate “perfect” reviews, or clone voices and images to impersonate people or service representatives from a legitimate company. The use of AI tools has made detecting the above-mentioned scams more difficult. However, it’s still possible to recognize AI-powered scams by these warning signs:

• A suspiciously monotonous voice or odd-looking video from a brand or person you trust.
• Chatbots that push for sensitive info or payment.
• Slightly “off” faces, voices, or phrasing (signs of deepfake technology).
• Product or service reviews that lack detail or sound identical.
• Messages that pressure you to bypass official apps or websites.

4. Fake delivery notifications

Fake delivery notification scams are a Black Friday fraud that looks like a text or email from an online retailer or a delivery service. During Black Friday season, users may receive a message via app, email, or SMS about an incoming delivery. Typically, the message claims an issue with the target’s delivery and asks them to click a link or pay a small fee to solve it. In reality, the URL is actually a phishing link or spoofed website domain.

Fake delivery notifications are particularly dangerous when targets expect a delivery. That's why Black Friday is a perfect time for malicious actors to strike. Slipping a fake delivery notification when someone’s waiting for three or four different shipments greatly increases the chances of accidentally clicking on a malicious URL and putting sensitive data in jeopardy.

Fake delivery notification scams are often mixed up with fraud, such as a fake delivery scam or a non-delivery scam. Both are popular Facebook Marketplace scams (although Facebook isn't the only platform where this fraud occurs, see eBay scams). The similarity of these scams derives from their nature, specifically, malicious actors sending fake notifications with phishing links and not delivering the “ordered” item.

To avoid fake delivery notification scams, individuals should watch out for these warning signs:

• Suspicious email addresses or phone numbers in your notifications.
• Messages with claims of “delivery problem” and a link to fix it.
• Urgent “act now” language.
• Requests for a small “redelivery” payment.
• Attachments or shortened links.

5. Fake order scams

In fake order scams, a cybercriminal disguises themselves as a legitimate entity and sends the target a “your order is confirmed” or “billing error” message for an order that the target never placed. Naturally, such a message may cause anxiety and an urge to get to the bottom of the misunderstanding.

Scammers exploit this emotional response by pushing their targets to click a link attached to the message to “verify” their account or fix a payment issue. Lo and behold, the link leads to a malicious website that's either a spoofed page, a phishing scam, or home to some nasty malware.

The most common red flags for the fake order scams are:

• Confirmations for purchases you didn’t make.
• Requests to “verify” account details or payment info.
• Links to login pages that ask for sensitive data.
• Claims of “suspicious activity” on your account.
• Pressure to act quickly.

6. Black Friday travel scams

Black Friday travel scams prey on targets who are looking for cheap travel deals. Typically, malicious actors push these scams through fake sites or social media posts, promising ultra‑cheap flights, hotels, or packages.

However, once the target completes the payment, scammers either vanish or slap the victims with poor‑quality options, often adding extra fees. 

To recognize and avoid Black Friday travel scams, travelers should keep an eye out for:

• Last‑minute trips at prices which are far too good even for a Black Friday deal.
• Demands for full upfront payment.
• Lack of verifiable travel agency contact info or physical address.
• Payment requests such as gift cards, wire transfers, or crypto.
• Travel contracts that block refunds or chargebacks.

7. Account verification scams

Account verification scams are a type of fraud in which scammers target users with fake account verification messages. The goal of these attacks is to create a sense of panic and urgency, forcing flustered targets to click on phishing or malware links and willingly surrender their sensitive data (such as login credentials).

Account verification scam emails often contain information about suspected unauthorized logins. The messages come from senders that closely resemble legitimate service providers (such as banks or online retailers) and include a suspicious-looking URL that is meant to be a shortcut to the "compromised account" login page. From there, the process follows the typical phishing model — victims type in their credentials, scammers capture them, and the trouble begins.

The chaos of the Black Friday season provides a perfect opportunity for scammers to launch account verification scams. The targets may already be distracted by tons of ads, deals, and order confirmations from legitimate accounts. That makes slipping a (sometimes vaguely) disguised email or SMS message easier than at any other point during the year.

The warning signs for the account verification scam include:

• Emails or text messages that ask for passwords or personal data.
• Login pages that don’t match the official site.
• Urgent language and threats of account closure.
• Links to “verify details” instead of directing you to the official app or site.
• Requests for 2FA codes.

8. Fake coupons and vouchers

Fake coupons and fraudulent vouchers are popular scammer tactics that can increase in number noticeably during the Black Friday sales week. The modus operandi of fake coupon scams is simple — scammers share links to websites (via email or social media), dangling freebies or huge discounts in exchange for completing surveys, providing account logins, or giving out card info.

If the visitor provides that information, the website automatically collects and forwards it to the scammer, exposing these sensitive credentials. Malicious actors can then use this information to sign into victims’ online accounts (including bank accounts), commit identity theft, or sell the information on the dark web.

While not all Black Friday deals are fake, users should be extremely careful when they find or receive pop‑ups and social posts with claims such as “You’ve won a voucher.” Some other red flags you should watch out for include:

• Offers that sound too good to be true.
• Requests for personal or card details to “claim” the coupon.
• Emails or pop‑ups saying you “won” a voucher.
• Pressure to act fast to secure the deal.
• Links to unfamiliar sites asking you to sign up for “exclusive offers.”

9. Fake charity scams

Fake charity scams involve fraudsters posing as charity organizations to relieve you of your hard-earned money. Threat actors can exploit recent catastrophes and disasters to pressure individuals into donating money using spoofed or fake charity organizations.

Scammers may either disguise themselves under the names of known charities or spin up copycat sites to add legitimacy to their claims and lure unsuspecting people into falling for URL phishing. To safeguard against fake charity scams, you should be wary of:

• Donation requests by email, social media, or phone, with pressure to “act now.”
• Vague charity names or no verifiable online presence.
• Requests for unusual payment methods (gift cards, wire transfers, crypto).
• Lack of receipt or tax documentation.

10. Gift card scams

Gift card scams are another popular Black Friday fraud tactic. Scammers exploit people’s love for gift cards and giveaways by putting up fake posts on social media or sending emails with messages mimicking a famous brand's tone of voice.

The fake gift card message typically contains a suspicious URL that leads to a fake website. That’s enough to rob excited shoppers of their login credentials or even credit card info. Gift card scams are also part of Amazon scams, which also increase in number during the Black Friday season.

Another type of gift card scam is the one where scammers ask their targets for immediate payment with gift cards. They may pretend to be support agents, sellers, or even “family” in trouble. Once the target shares the gift card codes and PINs, the money is gone. This is why it’s important to remember that legitimate companies never demand gift cards for payment or “verification.”

The signs that indicate a gift card scam include:

• Gift card offers that seem too good to be true.
• Spelling or grammar errors in the email.
• Shortened or suspicious-looking URLs.
• Urgent requests to redeem gift cards or pay with gift cards.
• Instructions to share gift card codes by email or phone.
• Demands for payment via Venmo, Cash App, and other apps that make it difficult to reverse payments.
• Lack of official receipts or documentation.

Who are the common targets of Black Friday scams?

Simply put, the main targets of Black Friday scams are trusting, distractible, or inattentive people. Scammers typically aim to lure targets that are so invested in getting a great deal that they won’t notice a suspicious link or request before it’s too late. That being said, the common targets of Black Friday scams can range from the most innocent-minded to the biggest skeptics, including:

• Bargain hunters looking for discounts. Discount hunters often move fast when looking for the best possible deals. Scammers may exploit this urgency to force people into rash decisions, leading to phishing attacks and financial loss.
• Holiday shoppers and last‑minute shoppers. Like bargain hunters, holiday shoppers may also feel pressure to buy products before they go out of stock. Huge discounts mean little time to decide on a purchase, which scammers may use to slip you a Black Friday travel scam or a sale scam.
• Older adults or less tech‑savvy shoppers. Less tech-savvy shoppers may fail to notice suspicious signs, such as misspelled email addresses or questionable URLs. In addition, these online users use fewer security tools, making them easier for scammers to exploit.
• Frequent online shoppers and social media users. Being a frequent social media user and online shopper theoretically should give some people an edge when it comes to recognizing potential scams. However, it also exposes them to more online threats than those who are not frequently on the internet (especially with AI-powered scams coming into play), increasing the chance of getting scammed. 
• Young shoppers and first‑time buyers. First-time buyers may sometimes fail to recognize offers that are too good to be true. That makes it easy for malicious actors to manipulate them into clicking suspicious links, wiring money, or otherwise exposing themselves online.

How to avoid Black Friday scams

Avoiding Black Friday shopping scams requires vigilance. The retail craze that comes after Thanksgiving can make it difficult to keep a level head, but remember, getting distracted only makes you that much more vulnerable.

According to Marijus Briedis, CTO at NordVPN, "Shopping events like Black Friday are a goldmine for cybercriminals. Scammers exploit the frenzy around doorbuster deals and flash sales, knowing that rushed shoppers are more likely to click on malicious links or share personal information without thinking twice."

NordVPN's National Privacy Test results showed that 68% of global consumers lack the necessary knowledge to identify a phishing website. Here are some tips on how to maintain your cool, avoid Black Friday shopping scams, and protect yourself from losing money or exposing sensitive data:

1. 1.Do not click on suspicious links. This should go without saying — never click suspicious URLs, especially those you get in an email or via text messages. If you're suspicious of a URL, use a link checker to check if a website is a scam.
2. 2.Use two-factor authentication (2FA). 2FA is a simple yet robust security measure that immediately notifies you about any authorized or unauthorized login attempts. Enable it on every account that holds your personal details and only approve requests when you're 100% sure that it's you who's trying to log in.
3. 3.Always double-check the sender's information. If you receive an urgent message from your bank, service provider, or government agency, carefully check the sender's email address and compare it to the official one. Scammers often try to replicate reputable companies to trick recipients, but they can't make an exact copy of the email address. 
4. 4.Use strong passwords and a password manager. Ideally, you should use different passwords for different services. However, people tend to simplify things and use one password for all accounts. If one password is exposed to scammers, that means all accounts that use that password are now in jeopardy. What's the solution? Create strong passwords and use a password manager (such as NordPass) to store your passwords in one secure place.
5. 5.Contact service providers directly. If you're uncertain about the legitimacy of the suspicious email from your service provider, it's always a good idea to double-check with it directly. Contact the entity that allegedly sent you the letter using the official channels posted on the company's website. Never directly reply to suspicious emails.
6. 6.Research charity organizations before sending donations. Take time to research these charities and use their official channels to donate money instead of funding unknown charities spontaneously. If you're donating to a specific person, ensure they have a legitimate means of collecting funds (such as a GoFundMe page).
7. 7.Use a credit card instead of a debit card. Credit cards come with chargeback rights, which may increase your chances of retrieving funds lost to fraud. Depending on where you live, the government can offer more protection for consumers with a credit card (such as the Fair Credit Billing Act in the US or the Payment Service Directive 2 in the EU), reducing consumer liability in the case of fraud as long as the victim reports the fraud immediately.
8. 8.Check online reviews. The great (and not-so-great) thing about the internet is that people are quick to voice their opinions about anything, including products and services. To stay safe during Black Friday shopping, consider looking into product or seller reviews before buying. It can help you protect yourself from scams.
9. 9.Use NordVPN's Threat Protection Pro™ feature. NordVPN's Threat Protection Pro™ is an effective countermeasure when dealing with scams. The feature includes tools such as malicious website blockers and malware scanners capable of blocking phishing links and URLs that contain malware. The feature can also safeguard your downloads, instantly blocking the files containing malicious software. This means that even if you accidentally click a suspicious URL, Threat Protection Pro™ will keep you safe. Plus, NordVPN Black Friday deals are too good to not fortify yourself with a little extra cybersecurity.

What to do if you have fallen for a Black Friday scam

You must act fast if you've become a victim of fraudulent Black Friday deals or any other financial scam. Here's a crash course on how to minimize or avoid painful consequences.

1. 1.Change your passwords immediately. If you've clicked on a suspicious URL and typed in your login information, you're now racing the clock against the scammers. To prevent account takeover, change the compromised password immediately.
2. 2.Report the situation to your bank. A successful Black Friday scam can steal your financial information (such as bank account logins or credit card numbers). Contact your bank and credit card issuer immediately to warn them of unexpected changes to your account. You can also ask your bank to temporarily freeze your account, preventing scammers from siphoning your money into their accounts.
3. 3.Report the scam to the company that the scammers impersonated. If you fell for a gift card scam or noticed a scammer trying to impersonate a well-known entity, don't sit still. Inform the company about the impersonators to let it know about the situation and potentially safeguard other people from getting duped.
4. 4.Report the fraud to the authorities. Reporting the scam to the bank also means you should contact authorities such as the Federal Trade Commission (for US citizens) or the European Cybercrime Center (for EU citizens). Doing so may help the authorities protect the public from future attacks and slightly increase your chances of retrieving stolen money.

*The statistics mentioned above were acquired by analyzing aggregated data gathered by NordVPN’s Threat Protection Pro™ service from August 1, 2025, to October 31, 2025. NordVPN is not endorsed by, maintained by, sponsored by, affiliated with, or in any way associated with the owners of the mentioned brands. Brands are indicated solely for the purpose of accurately reporting information related to brands that were most likely to be impersonated for spreading malware.