Surge in Fake Online Shops and Holiday Shopping Scams
Cybercriminals are exploiting the holiday shopping season by launching a wave of fake online shops designed to steal financial and personal information from unsuspecting consumers. These fraudulent e-shops often mimic well-known brands or create convincing new storefronts using advanced tools such as artificial intelligence to generate realistic product descriptions and reviews. Security researchers have observed a dramatic increase in blocked fake e-shop attacks, with millions of attempts thwarted globally and a 185% spike in the United States during October compared to earlier in the year. Scammers leverage legitimate e-commerce platforms and seasonal marketing tactics, such as festive banners and countdown timers, to lure victims, while also investing in targeted ads on social media platforms like Facebook and TikTok to drive traffic to their fraudulent sites.
The sophistication and scale of these scams have grown, making it increasingly difficult for consumers to distinguish between real and fake online stores. Attackers are not only after immediate financial gain but also seek to harvest personal data for future scams. Security experts recommend heightened vigilance during peak shopping periods, as the combination of urgency, attractive deals, and professional-looking sites increases the risk of falling victim to these schemes. Staying informed about the latest scam tactics and scrutinizing online shops before making purchases are critical steps to avoid financial loss and identity theft during the holiday season.
Timeline
Dec 8, 2025
Researchers detail scam infrastructure and ad-driven distribution
The 2025 research found that many fraudulent storefronts were hosted on legitimate e-commerce platforms such as Shopify, MyShopline, and Shoplazza, with traffic driven heavily through Facebook Ads and TikTok Ads. It also described copy-paste single-product scam shops and trust-building tactics such as SSL certificates, seeded reviews, and reused older domains.
Nov 30, 2025
Global fake e-shop domains jump in October-November 2025
Researchers said they blocked nearly 260,000 fake e-shop domains worldwide across October and November 2025, roughly four times the level seen during the same shopping season a year earlier. The activity was concentrated in North America, much of Europe, and Australia.
Oct 1, 2025
U.S. fake-shop activity spikes sharply in October 2025
Gen Digital reported that fake online shop attacks in the United States surged in October 2025, with blocked attacks up 185% and targeted users up 126% compared with the January-September average. The report linked the increase to holiday shopping campaigns and discount-driven lures.
Dec 1, 2024
Fake e-shop scams surge during the 2024 holiday season
Avast reported a significant rise in fake online shop scams during the 2024 holiday season, with researchers blocking more than 21 million attacks globally in the last quarter. The company said criminals were increasingly using AI, brand impersonation, and social media ads to scale the fraud.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
Related Stories
Holiday Season Surge in Online Shopping Scams and Phishing Attacks
Cybercriminals are intensifying their efforts to exploit consumers and businesses during the holiday shopping season, leveraging tactics such as SMS scams, phishing emails, and fake websites. Attackers use the urgency of holiday deals and the high volume of online transactions to increase the effectiveness of their campaigns, with AI and automation making fraudulent messages and cloned sites more convincing. Notably, the U.S. Federal Trade Commission reported $470 million in losses from text-based scams in 2024, and researchers have observed a significant rise in both the scale and sophistication of these attacks, including the use of deep-fake voices and realistic phishing lures. Businesses are also being targeted, as seen in a campaign where over 5,000 Facebook advertisers received phishing emails sent from the legitimate facebookmail.com domain, exploiting Meta's business features to bypass security filters and steal credentials. High-profile incidents, such as the attack on Marks & Spencer during a peak shopping period, highlight the financial and operational risks posed by these scams. Security experts recommend measures such as multi-factor authentication, password managers, and the use of virtual cards to mitigate risks, while also warning against trusting unsolicited messages or calls, especially those leveraging AI-driven impersonation techniques.
1 months ago
Surge in Holiday Season Cyber Threats Targeting Retailers and Consumers
Retailers experienced a significant increase in both legitimate and malicious online activity during the 2025 holiday shopping season, with Black Friday setting new records for consumer spending and cyberattacks. Automated bot attacks surged by 50%, targeting authentication, inventory, and transaction workflows, as attackers sought to exploit the extended peak shopping period and blend in with high consumer traffic. This rise in malicious activity underscores the expanding window of exposure for retailers and the need for robust defenses against account takeover attempts and automated abuse. At the same time, consumers and enterprises faced a wave of holiday-themed cyber scams, including business impersonation, phishing, fraudulent invoices, and social engineering attacks leveraging AI and cryptocurrency. Threat actors exploited the seasonal rush, increased online shopping, and distracted staff to launch scams such as fake e-cards, bogus charity requests, and payment fraud. Security experts and government advisories highlighted the importance of heightened vigilance, secure device usage, and careful validation of transactions to mitigate risks during the holiday period.
1 months ago
Industrial-Scale Retail Brand Impersonation and Malvertising Scams During Black Friday
Cybercriminals have launched widespread campaigns impersonating major retail brands through sophisticated malvertising and phishing operations in the lead-up to Black Friday. Attackers are leveraging short-form video ads and modular scam kits to create convincing phantom storefronts and fake survey reward pages, targeting consumers searching for high-demand holiday gifts. These campaigns exploit the seasonal surge in online shopping and the high volume of ad approvals, making it easier for fraudulent ads to slip through and reach large audiences. Brands such as Amazon, Walmart, Home Depot, and others are being impersonated to lure victims into providing personal information or making fraudulent purchases. Security researchers have observed that these scams are highly industrialized, with over 100 unique domains using similar fraud templates and dynamically swapping brand imagery to match trending products. The threat landscape includes not only traditional phishing and financial malware but also new vectors such as gaming-related scams and malvertising loops that redirect users to fake offers. The scale and sophistication of these operations highlight the need for increased vigilance from both consumers and ad operations teams during peak shopping periods like Black Friday and Cyber Monday.
1 months ago