Malicious shopping and delivery websites target consumers during the discount season

Key takeaways

According to NordVPN’s Black Friday scam data, scammers took advantage of the Black Friday and Cyber Monday rush, resulting in a 250% increase in fake shopping sites during the past month. eBay spoofing attempts went up by 525%, and fake Amazon sites rose by 232%. Since 68% of consumers cannot identify phishing websites, searching for online deals has become significantly riskier.

After people place orders, criminals switch to SMS phishing, also known as "smishing," and send fake tracking links. Malicious postal service websites increased by 86% in just one month. DHL is still the most impersonated brand overall, with fake sites up 206%, but the United States Postal Service (USPS) saw the biggest jump, with impersonations rising by 850%. These scams often say packages are "on hold" because of unpaid fees, taking advantage of people’s worries about missing holiday deliveries.

These attacks work so well because they create a sense of urgency and target people on their phones. In 2024, text message scams have caused $470 million in losses, which is five times more than in 2020. To stay safe, users should check website addresses carefully and use official apps instead of clicking on tracking links sent by text or email.