New Delhi: The Black Friday sale, which traditionally marks the start of Christmas shopping season and is the busiest shopping day of the year in the United States, has caught on in India too.
Unfortunately, scamsters have jumped onto the bandwagon to cash in by luring unsuspecting consumers.
Even as you look for hefty and attractive discounts on iPhone 17 sets, Ray-Bans, or a smartwatch, you have to think twice before making the payment to complete the purchase.
Most of the deals being offered online are genuine, but cybercriminals are lurking out there with a web of scams.
Cybersecurity firm CloudSEK issued a warning after uncovering more than 2,000 fake, holiday-themed online stores impersonating top brands such as Amazon, Samsung, Apple and Jo Malone.
CloudSEK reported that cybercriminals are operating one of the largest and most sophisticated phishing ecosystems seen in recent years.
Their modus operandi is to design fake websites which look very similar to real online stores with festive banners, countdown clocks, fake trust badges and pop-ups showing ‘recent purchases’.
The report, based on thorough research, states every step of how the scam unfolds. Once users choose the product and proceed to checkout, their information is redirected through attacker-controlled payment portals, enabling financial theft with great efficiency.
It has been described as “a shift from isolated scams to industrial-scale fraud.”
Without swift intervention, these operations could lead to “significant consumer losses and undermine confidence in e-commerce during the busiest shopping period of the year.”
The network of the scam is being amplified by social media ads, search engine manipulation and also links circulated through WhatsApp and Telegram groups.
According to the research, each fake store attracts hundreds of visitors, and converts between 3 per cent and 8 per cent of them into victims.
The investigation identified two massive clusters of interconnected phishing websites.
The first cluster includes more than 750 linked domains, featuring around 170 Amazon-themed lookalikes with names that mimic legitimate URLs. These fake sites use identical templates, discounts and bogus social proof to lure victims.
The second cluster spans over 1,000 domains registered under the .shop extension. These sites copy popular brands using a standardised Black Friday or Cyber Monday layout.
“The second cluster spans a broad .shop ecosystem and includes domains that appear to mimic well-known consumer brands – such as Apple, AMD, Dell, Cisco, Logitech, Toshiba, Ray-Ban, Nivea Men, Paula’s Choice, Rare Beauty, SK Hynix, 8BitDo, Viomi, Tim Hortons, Aetna, Ahava, Olympus, Snapple, Fiio, Gotrax, Meetion, Yale, Xiaomi, Jo Malone, Fujifilm, Amazfit, COSRX, Samsung, Garmin, Shark, HP, Seagate, and Omron – based on naming patterns and shared template characteristics,” the report said.
How to stay safe in holiday season
Shoppers have been urged to remain extra vigilant during this year’s Black Friday and Cyber Monday sales.
Watch out for following warning signs:
* Unrealistic discounts of 70–90 per cent
* Countdown timers or urgent ‘last few left’ pop-ups
* Misspelt or unusual URLs that slightly differ from official domains
* Fake trust seals or unverified certificates
* Checkout pages that redirect to unfamiliar sites
* Recycled layouts used across multiple “brands”
* No verifiable customer support contact information.
According to experts, the safest way to shop is through official brand websites, verified apps, or trusted marketplaces such as Amazon or Flipkart.