Surge in Holiday Season Cyber Threats Targeting Retailers and Consumers
Retailers experienced a significant increase in both legitimate and malicious online activity during the 2025 holiday shopping season, with Black Friday setting new records for consumer spending and cyberattacks. Automated bot attacks surged by 50%, targeting authentication, inventory, and transaction workflows, as attackers sought to exploit the extended peak shopping period and blend in with high consumer traffic. This rise in malicious activity underscores the expanding window of exposure for retailers and the need for robust defenses against account takeover attempts and automated abuse.
At the same time, consumers and enterprises faced a wave of holiday-themed cyber scams, including business impersonation, phishing, fraudulent invoices, and social engineering attacks leveraging AI and cryptocurrency. Threat actors exploited the seasonal rush, increased online shopping, and distracted staff to launch scams such as fake e-cards, bogus charity requests, and payment fraud. Security experts and government advisories highlighted the importance of heightened vigilance, secure device usage, and careful validation of transactions to mitigate risks during the holiday period.
Timeline
Dec 16, 2025
Security firms publish holiday cyber-risk guidance for organizations
Security guidance published during the holiday season warned that distracted staff, remote work, public Wi-Fi, BYOD, phishing, and business email compromise-style fraud increase enterprise risk. Recommended mitigations included MFA, least-privilege access, patching, monitoring, employee training, vendor verification, network segmentation, and tested incident response and backup plans.
Dec 16, 2025
Treasury warns of holiday scam surge using AI and cryptocurrency
The U.S. Department of the Treasury issued an advisory warning that holiday-season scams are surging, with criminals exploiting online shopping, charitable giving, and gift card purchases. The advisory highlighted business impersonation, fake charities, and gift card draining, and noted the use of AI voice cloning, deepfakes, and cryptocurrency to make fraud more convincing and harder to trace.
Nov 28, 2025
Black Friday 2025 drives record online sales and bot attack surge
During Black Friday 2025, U.S. online retail spending reached a record $11.8 billion and retail web traffic rose 37% through the weekend. At the same time, bot attacks against retailers increased 50%, targeting authentication, inventory, and transaction endpoints, especially in the US, UK, and Australia.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Sources
Related Stories
Holiday Season Surge in Online Shopping Scams and Phishing Attacks
Cybercriminals are intensifying their efforts to exploit consumers and businesses during the holiday shopping season, leveraging tactics such as SMS scams, phishing emails, and fake websites. Attackers use the urgency of holiday deals and the high volume of online transactions to increase the effectiveness of their campaigns, with AI and automation making fraudulent messages and cloned sites more convincing. Notably, the U.S. Federal Trade Commission reported $470 million in losses from text-based scams in 2024, and researchers have observed a significant rise in both the scale and sophistication of these attacks, including the use of deep-fake voices and realistic phishing lures. Businesses are also being targeted, as seen in a campaign where over 5,000 Facebook advertisers received phishing emails sent from the legitimate facebookmail.com domain, exploiting Meta's business features to bypass security filters and steal credentials. High-profile incidents, such as the attack on Marks & Spencer during a peak shopping period, highlight the financial and operational risks posed by these scams. Security experts recommend measures such as multi-factor authentication, password managers, and the use of virtual cards to mitigate risks, while also warning against trusting unsolicited messages or calls, especially those leveraging AI-driven impersonation techniques.
1 months ago
Surge in Fake Online Shops and Holiday Shopping Scams
Cybercriminals are exploiting the holiday shopping season by launching a wave of fake online shops designed to steal financial and personal information from unsuspecting consumers. These fraudulent e-shops often mimic well-known brands or create convincing new storefronts using advanced tools such as artificial intelligence to generate realistic product descriptions and reviews. Security researchers have observed a dramatic increase in blocked fake e-shop attacks, with millions of attempts thwarted globally and a 185% spike in the United States during October compared to earlier in the year. Scammers leverage legitimate e-commerce platforms and seasonal marketing tactics, such as festive banners and countdown timers, to lure victims, while also investing in targeted ads on social media platforms like Facebook and TikTok to drive traffic to their fraudulent sites. The sophistication and scale of these scams have grown, making it increasingly difficult for consumers to distinguish between real and fake online stores. Attackers are not only after immediate financial gain but also seek to harvest personal data for future scams. Security experts recommend heightened vigilance during peak shopping periods, as the combination of urgency, attractive deals, and professional-looking sites increases the risk of falling victim to these schemes. Staying informed about the latest scam tactics and scrutinizing online shops before making purchases are critical steps to avoid financial loss and identity theft during the holiday season.
1 months ago
Surge in Account Takeover Attacks Targeting Online Retailers and Consumers
Cybercriminals are increasingly exploiting the holiday shopping season to launch account takeover (ATO) attacks against online retailers and their customers. The surge in online traffic during peak shopping periods creates opportunities for attackers to blend in with legitimate users, using automated tools and AI-driven bots to compromise accounts and access sensitive information such as payment details, loyalty points, and personal data. According to industry reports, ATO attacks have risen sharply, with a 40% increase in 2024 and over 50% since 2022, driven by the widespread availability of stolen credentials and the expanding digital footprint of businesses. The FBI has issued warnings about the growing prevalence of ATO fraud schemes, highlighting the sophistication of attackers who employ credential stuffing, credential cracking, and brute force techniques to gain unauthorized access. These attacks often go undetected until significant financial losses and customer frustration occur. Retailers are urged to strengthen authentication processes and monitor for suspicious login activity, especially during high-traffic periods, to mitigate the risk of account compromise and fraud.
1 months ago