As the online shopping season intensifies with Black Friday and Christmas on the horizon, retailers and consumers are being warned of a sharp rise in cyber-fraud.
The British Retail Consortium (BRC) says that with up to a third of all retail sales now expected to occur online during this period, fraudsters are “looking to exploit consumers through sophisticated scams.”
Go deeper with GlobalData
Discover B2B Marketing That Performs
Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.
Why online fraud surges during peak shopping periods
Cybercriminals typically step up activity around seasonal shopping events, exploiting the dramatic increase in website traffic.
Analysis from fraud-prevention firms shows that fraudulent e-commerce activity rises far faster than legitimate sales during high-demand periods.
According to Darktrace, phishing attacks masquerading as retailers surged by nearly 692 per cent during Black Friday week in 2024 compared to early November.
The National Cyber Security Centre (NCSC) has also raised concern about how scammers use trust in familiar brands.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalData“Cyber criminals seek to exploit this surge in spending … using trust in established brands and the seasonal popularity of products to lure people … into clicking malicious links or sharing personal and financial information,” said Jonathan Ellison, director for national resilience at the NCSC.
Practical steps for shoppers and retailers to strengthen security
The BRC report offers five clear recommendations on online shopping security for both consumers and businesses:
- Use trusted websites — navigate directly to retailers rather than following links in unsolicited messages, and double-check the URL before entering sensitive data.
- Enable multi-factor authentication (MFA) — strong, unique passwords and multi-step verification help prevent account takeover.
- Pay securely — credit cards or payment services with buyer protection are advised, since they may offer additional safeguards.
- Monitor transactions — shoppers should review bank or card statements regularly during the busy period to spot unrecognised charges.
- Avoid unsecured networks — refrain from entering payment details over public Wi-Fi; use trusted networks instead.
The NCSC also recommends stopping any transaction if something “feels suspicious,” reinforcing vigilance when pressure is on.
What retailers must prioritise as fraud risks intensify
Retailers are being urged to make fraud protection a core part of their seasonal planning.
During peak shopping periods, the risk is not just about handling order volumes, but also defending against automated bot attacks, payment fraud, and identity-based threats.
According to data from fraud-detection firms, fraud teams have faced heavy strain — manual transaction reviews increase as automated defences are stretched.
Meanwhile, pre-built attack scripts (“configs”) are being deployed in the run-up to Black Friday, not just on the day itself, meaning fraudsters begin testing infrastructure earlier. Kasada
The BRC warns that “don’t let a Christmas deal turn into a Christmas disaster.” For retailers, that means:
- deploying real-time monitoring tools capable of spotting abnormal transaction patterns,
- auditing third-party services (e.g., payment gateways) for security vulnerabilities,
- educating customers on how to recognise fraudulent domains, and
- communicating clearly about how and when they will legitimately contact consumers.
Retailers operating across borders should also factor in regulatory differences around fraud protections, payment-card rules, and incident response.
In an era when e-commerce fraud is escalating, investing in robust online security is no longer optional — it’s fundamental to protecting customer trust and defending brand integrity.
