Black Friday shoppers beware: Scammers are targeting you


Consumers should be skeptical of ‘too good to be true’ offers

The Black Friday sales have already started and consumers are spending money on the holidays. Scammers are hoping to exploit that.

This week’s ConsumerAffairs-Trend Micro Threat Alert shows that between the first of October and the first of November, there were 34,896 Black Friday shopping-related scam URLs in the U.S. That’s a nearly 10% increase over the same period in 2022.

Jon Clay, vice president of Threat Intelligence at Trend Micro, says it’s no surprise that scammers would try to take advantage of the biggest shopping day of the year.

“In October, we already saw nearly 35,000 Black Friday-related scam sites looking to lure victims,” Clay told ConsumerAffairs. “Stay safe this holiday season and be leery of any messages you receive that seem too good to be true.” 

These scams can take many different forms. Scammers might send out fake order confirmations, issue phony tracking numbers, and set up fake websites for nonexistent retailers in an effort to victimize shoppers. 

The lure is often a steep discount on a popular, hard-to-find gift item. The Walmart scam is a prime example.

Walmart scam 

Scammers inform users that they can buy a new Samsung QLED 4K TV with Walmart points, with almost no extra payment needed. To claim the prize, victims need to provide their personal and credit card information through the link in the SMS message. 

The top five states being targeted the most in 2023, in order, are California, Florida, Texas, North Carolina and New York. 

Australia Post Scam 

Bad actors impersonate Australia Post to ask victims to update their parcel delivery and credit card information. 

The top five states being targeted the most in 2023, in order, are California, Texas, New York, Pennsylvania and Virginia.

Delivery scams are common but they usually impersonate FedEx or the U.S. Postal Service. The Australia Post scam is a little surprising to be found in the U.S. It may be because the source of the message is so unusual that victims are intrigued.

Meanwhile, a couple of phishing scams continue to show up in the Threat Alert.

Google Phishing 

Scammers impersonate Google to alert email receivers their device has been infected with suspicious viruses and ask them to click the ‘security check’ in the email body. The Trend Micro Research team detected 4,236 logs between Oct 28 to Oct 30. 

Adobe Phishing 

Bad Actors pretend to be Adobe to inform you to check your paid invoice with the share file link in the email. If victims click the button, they will be redirected to a fake Adobe website, which is linked to the scammers’ database, with many ways to log in. The Trend Micro Research team detected 174 logs on Oct 30. 

Take an Identity Theft Quiz. Get matched with an Authorized Partner.