As Black Friday (and Cyber Monday) approaches, the annual online sales phenomenon shows no sign of slowing down, and neither do cybercriminals looking to take advantage of the busiest shopping days of the year.

The kick-off to holiday shopping, much of which has become digital, represents a massive opportunity for cybercriminals seeking to exploit the surge in online activity. Shoppers are primed to expect hard-to-believe online bargains that they might be more suspicious of outside Black Friday/Cyber Monday. 

As of the end of October 2023, Netcraft’s research has identified a staggering 135% increase in fake retail sites blocked compared to October last year, on top of an increase of 63% over October the previous year, conveying that the annual increase more than doubled in the last 12 months over already alarming growth.

In this review, we’ll look at prominent fake retail sites identified by Netcraft and the techniques cybercriminals use to trick users and ultimately impact brand credibility and reputation. 

Fake shops exploiting Black Friday

Claiming to offer highly discounted goods, fake online shops either impersonate the websites of luxury brands and established retailers or operate across multiple brands. These properties are often a front to capture payment details (and other sensitive information). The details shoppers submit can be used directly or sold to other cybercriminals. Any goods that end up being delivered – many are not – are likely to be counterfeit.

With so many genuine sites offering significant discounts on actual products, it’s easy to see why cybercriminals exploit Black Friday and Cyber Monday themes. Here are a few examples of fake retail sites we’ve detected, starting with a site that targets US home improvement retailer Lowe’s.

Figure 1: Fake shop with ‘Black Friday’ promotion, targeting US retailer Lowe’s.

As expected, cybercriminals change their tactics to coincide …