Threat Actors Exploiting Black Friday Shopping Hype – 2+ Million Attacks Recorded
Summary:
According to a new report from Kaspersky, in 2025, the cybersecurity firm observed millions of attacks aimed at online shoppers, payment-service users, and digital marketplace customers, with threat actors intensifying their activity during peak retail periods like Black Friday. Between January and October 2025, nearly 6.4 million phishing attempts were blocked across online stores, payment systems, and banks. Kaspersky says 48.2% of these phishing attempts targeted online shoppers directly, a sharp increase from 37.5% in 2024. The security firm also observed over 146,000 Black Friday-themed messages in the first two weeks of November, with attackers impersonating popular brands like Amazon, which accounted for 606,369 blocked phishing attempts. Notably, 1.09 million banking trojan attacks have been recorded thus far during the 2025 Black Friday season. Furthermore, Kaspersky identified that gaming platforms experienced an unprecedented surge in malicious activity, with over 20 million attack attempts recorded in 2025.
Security Officer Comments:
With Black Friday and the holiday season approaching, scams are likely to surge as cybercriminals take advantage of the heightened volume of online shopping and the urgency created by limited-time deals. During these peak seasons, individuals tend to look for promotions as they shop around for gifts. Seeing this opportunity, actors will generate convincing phishing emails advertising discounts for various products and create fake sites mimicking well-known retailers to siphon funds and infect unsuspecting end users with various payloads, such as banking trojans
Suggested Corrections:
With holiday advertising flooding inboxes and social media feeds, fake messages can easily blend in with real ones. This makes it easier for people to click on bad links, enter their credit card details on fake websites, or fall for deals that seem too good to be true.
To avoid falling victim to scams during the holidays, shoppers should always double-check links and websites before entering personal or payment information. It’s also important that shoppers stick to trusted retailers and avoid clicking on promotional links from emails or texts.
Link(s):
https://cybersecuritynews.com/threat-actors-exploiting-black-friday-shopping-hype/
According to a new report from Kaspersky, in 2025, the cybersecurity firm observed millions of attacks aimed at online shoppers, payment-service users, and digital marketplace customers, with threat actors intensifying their activity during peak retail periods like Black Friday. Between January and October 2025, nearly 6.4 million phishing attempts were blocked across online stores, payment systems, and banks. Kaspersky says 48.2% of these phishing attempts targeted online shoppers directly, a sharp increase from 37.5% in 2024. The security firm also observed over 146,000 Black Friday-themed messages in the first two weeks of November, with attackers impersonating popular brands like Amazon, which accounted for 606,369 blocked phishing attempts. Notably, 1.09 million banking trojan attacks have been recorded thus far during the 2025 Black Friday season. Furthermore, Kaspersky identified that gaming platforms experienced an unprecedented surge in malicious activity, with over 20 million attack attempts recorded in 2025.
Security Officer Comments:
With Black Friday and the holiday season approaching, scams are likely to surge as cybercriminals take advantage of the heightened volume of online shopping and the urgency created by limited-time deals. During these peak seasons, individuals tend to look for promotions as they shop around for gifts. Seeing this opportunity, actors will generate convincing phishing emails advertising discounts for various products and create fake sites mimicking well-known retailers to siphon funds and infect unsuspecting end users with various payloads, such as banking trojans
Suggested Corrections:
With holiday advertising flooding inboxes and social media feeds, fake messages can easily blend in with real ones. This makes it easier for people to click on bad links, enter their credit card details on fake websites, or fall for deals that seem too good to be true.
To avoid falling victim to scams during the holidays, shoppers should always double-check links and websites before entering personal or payment information. It’s also important that shoppers stick to trusted retailers and avoid clicking on promotional links from emails or texts.
Link(s):
https://cybersecuritynews.com/threat-actors-exploiting-black-friday-shopping-hype/