Black Friday Discounts Fuel a Wave of Cyber Scams Across Europe
Cyberattacks during Black Friday are projected to surge by more than 400% across Europe, with AI-powered scams becoming dramatically more convincing. According to Europol and ENISA, social engineering attempts peak during major online-shopping events, and almost one in three European consumers has encountered online fraud in the past year.
With social shopping booming and Buy Now, Pay Later services spreading rapidly, cybercriminals have found fertile new ground. Platforms like TikTok Shop — already flagged by several national cybersecurity agencies, including the UK’s NCSC — add a new layer of risk for shoppers.
The Holiday Deals Frenzy Is a Goldmine for Hackers
As millions of European consumers prepare for the Black Friday–Cyber Monday marathon, cybercriminals prepare just as eagerly. AI-assisted scams have made fraudulent pages, emails and customer-service impersonations almost indistinguishable from legitimate ones.
And the numbers are not comforting.
ENISA’s 2024 Cyber Threat Landscape report highlights a 25% rise in phishing campaigns mimicking well-known marketplaces, courier services and payment providers. Globally, more than 38 million phishing attempts linked to fake shopping portals were recorded this year alone.
Some tactics have become depressingly familiar:
- Replica websites cloned down to the favicon
- SEO-poisoned listings (the so-called “Phish-and-Ship” campaigns) placing fake shops high in Google results
- Brand lookalikes exploiting a single swapped letter in the domain
More than a thousand online stores across Europe have already been compromised through these SEO-driven attacks since 2019.
Social Commerce and BNPL: The New Playground for Scammers
TikTok, Instagram and emerging social-commerce tools have changed how Europeans discover and buy products — and criminals noticed.
Ofcom reports that 24% of UK adults discover new brands directly via social feeds, and TikTok users now spend over 30 hours a month inside the app. The arrival of TikTok Shop has accelerated fraudulent listings, fake seller accounts and misleading promotions. Several EU consumer-protection authorities have launched investigations into misleading ads and unsafe listings promoted via social commerce.
Meanwhile, Buy Now, Pay Later (BNPL) platforms are being abused in identity-theft schemes, opening the door to fraudulent checkout attempts and quick-purchase scams.
Every Click Leaves a Trail — and Hackers Follow It
Businesses face their own risks during the shopping season.
A 2024 Netskope study found that in 87% of European companies, employees downloaded at least one malware-infected file from cloud services such as Google Drive or GitHub every month. All it takes is one unverified file disguised as an order confirmation or shipping label.
Cybercriminals thrive on emotional triggers — FOMO, urgency, the thrill of a “too good to be true” deal. And Black Friday serves them all on a silver platter.
How to Shop Safely Online (Without Killing the Fun)
Some precautions sound basic, but they’re your strongest shield:
- Check the HTTPS padlock
And examine the domain with care. One swapped character is enough to fool even experienced users. - Use virtual or prepaid cards
They let you set low spending limits and deactivate the card quickly if something feels suspicious. - Enable two-factor authentication
Even if someone steals your password, MFA blocks most unauthorized attempts. - Keep devices and apps updated
Outdated operating systems and browsers leave open doors that attackers know by heart. - Be suspicious of outrageous discounts
A next-gen console at a quarter of the price or a flagship smartphone with a 70% discount isn’t a lucky break. It’s bait. - Avoid public Wi-Fi for payments
Cafés, hotels and airports are ideal locations for data interception. If you can’t avoid public Wi-Fi, use a mobile hotspot or a trustworthy VPN. - Review your bank statements during peak season
Quick detection matters. A single suspicious charge is often the earliest sign of a compromised card.
Stay Updated: European Sources That Matter
To stay one step ahead, refer to trusted agencies:
- ENISA – European Union Agency for Cybersecurity
- Europol – EC3 (European Cybercrime Centre)
- NCSC (UK) – National Cyber Security Centre
- CERT-EU & national CSIRTs
- European Consumer Centres (ECC-Net) for cross-border e-commerce issues
Reading independent reviews, checking seller legitimacy and verifying real customer contacts can make the difference between scoring a deal and falling for a scam.
The Bottom Line
Digital awareness remains the strongest defence.
Technology evolves, scams evolve, but the core rule stays the same: if a deal looks too good, it probably wants more from you than your money.
