Hackers exploit the rush for discounts: here are the most common techniques and checks to perform before every online purchase.
- Hacker attacks during the Black Friday will increase by 400%, with artificial intelligence making scams ten times more effective and almost 40% of Italians already victims of online fraud.
- Social shopping and Buy Now Pay Later services represent new frontiers for criminals, with TikTok Shop multiplying the risks of cyberattacks.
- Protection requires essential precautions: verify HTTPS, use prepaid or virtual cards, avoid public Wi-Fi networks, and be wary of excessively advantageous discounts.
The most anticipated time of the year for online shopping is turning into a real festival for cybercriminals. While millions of Italians prepare to hunt for the perfect deal between
The numbers tell a worrying story. Experts like
The arsenal of cybercriminals has been enriched with increasingly sophisticated tools. In 2024, over
New consumer habits are opening further gaps for digital crime. Social shopping and Buy Now Pay Later services have now become established frontiers for scammers as well. 25.1% of Italians use social media to discover new brands, with TikTok in a dominant position: users spend an average of 32 hours and 12 minutes per month on the platform. The arrival of TikTok Shop has multiplied the risks of cyberattacks, as reported by the Postal Police.
Every Click Tells Something about Us and Can Become a Gateway for Criminals.
Companies face a vulnerability often underestimated: the improper use of corporate devices by employees. A Netskope report highlights that in 88% of companies, at least one monthly malware download from cloud applications like Google Drive and GitHub occurred during 2024.
Maurizio Zacchi, VP of the Academy of Cyber Guru, a leading Italian platform in training against cyberattacks, emphasizes how cybercriminals exploit human emotions during Black Friday: urgency, fear of missing out, and the desire to save become powerful levers to strike more effectively.
Protection involves precautions that should become automatic. Verifying that a site has the HTTPS address with the security padlock is the first fundamental step: being wary of domains that imitate well-known brands with small spelling variations can save you from trouble. The use of prepaid or virtual cards limits damage in case of fraud, allowing you to set low limits and deactivate cards after each purchase.
Two-factor authentication is an effective barrier even when credentials are compromised, while keeping operating systems and applications updated is equivalent to closing doors that criminals know well. Excessively advantageous offers should always trigger an alarm: a next-generation console at a quarter of the price or a flagship smartphone discounted by 70% are typical signals of scams that rely on urgency to push for hasty decisions.
Public Wi-Fi networks are a danger often ignored. Entering banking data or credentials while connected to a café, hotel, or airport network is equivalent to opening the doors to scammers who intercept information on these unprotected connections. When avoiding them is not possible, the use of a VPN or mobile connection becomes essential. Regularly checking account statements allows you to promptly identify suspicious charges, which can be the first sign of ongoing data theft.
Digital awareness remains the most effective weapon. Phishing and social engineering techniques are constantly evolving, making it necessary to stay updated through reliable sources like CERT-AgID, the Postal Police, or organizations specializing in cybersecurity. Reading reviews from independent sources before purchasing on unknown sites and verifying the presence of real contacts and authentic reviews can make the difference between a deal and a scam. Protecting digital identity also involves taking care of the devices used, because often the first gateway for criminals is not the network itself, but the habit of feeling safe when one shouldn’t.
