Black Friday has become a make-or-break moment in retail. Online sales climb by over 30% during the four-day window from Black Friday to Cyber Monday, in a market that already sees over 1 billion e-commerce transactions annually in SA, so this single weekend represents the biggest revenue spike of the year for most retailers.
It’s also a lucrative time for cybercriminals. This year, the threat has evolved beyond the misspelled emails of the past. Thanks to easily accessible AI tools, scams have a new, sophisticated dimension, making it harder than ever to distinguish between a real deal and a clever fake.
It just isn’t enough to be on the lookout for bad grammar; shoppers and retailers are up against polished phishing sites and fake emails that successfully blur the line between legitimate and fraudulent communication.
A perfect storm for cybercrime
The combination of a surge in transactions and the pressure to process sales quickly creates the ideal conditions for phishing attacks. Retailers face attacks targeting their customers, as well as those aimed directly at their business operations. These include fraudulent supplier invoices, fake order cancellations with malicious attachments, and emails appearing to come from managers authorising urgent payments.
Cybercriminals can now use AI to produce professional, personalised attacks at scale that closely mimic a retailer’s brand voice and website.
The business cost of a single click
For retailers, the damage from a successful phishing attack is rarely limited to a single compromised mailbox. The consequences can be severe, ranging from losses due to fraudulent payments and ransomware demands to the loss of vital Black Friday sales from system downtime.
Phishing remains a leading entry point for ransomware. An attack that brings online platforms to a standstill can erode hard-earned customer trust. Even if the retailer’s own systems weren’t breached, customers associate the fraud with the brand. And the toll doesn’t stop when systems recover. After an incident, businesses typically experience higher resignation rates, further impacting company culture, morale, and workforce stability. Additionally, should a data breach occur, POPIA requires that the Information Regulator and all affected individuals be notified.
How retailers build cyber resilience
Cyber resilience is built long before the sale banner goes live. Any meaningful roadmap considers people, technology, and processes simultaneously.
On the technology front, this means ensuring email security gateways are correctly configured and that protocols are in place to prevent domain spoofing – a common tactic used to impersonate retail brands. It is also essential to review firewall configurations regularly and to avoid common firewall mistakes.
People are a retailer’s last line of defence. Regular and realistic awareness training is key. Simulate the types of phishing attacks employees are likely to encounter, from fake customer refunds to urgent order queries. Finally, every retailer should have a tested incident response plan that defines exactly what happens if a breach is detected, helping to avoid confusion in the heat of the moment.
Five ways to protect yourself this Black Friday
A little extra caution can go a long way in making sure you aren’t left out of pocket. Here are five key tips for bargain hunters:
- If a deal looks too good to be true, it is. A brand-new television or popular gaming console advertised at more than 50% off is a major red flag for a scam. Be highly sceptical of unbelievable offers.
- Go directly to the source. Rather than clicking on links in emails or social media ads, type the website address of the retailer you know and trust directly into your browser. This prevents you from being redirected to a fake, lookalike site.
- Use secure payment methods. Only use secure payment services and never share your one-time PIN (OTP) or banking passwords with anyone. Avoid making payments when connected to public Wi-Fi, which can be insecure.
- Protect your information. Be cautious about sharing personal information online. There is no reason a retailer needs your ID number or date of birth to process a sale.
- Keep your devices updated. Ensure the security software on your phone and computer, like antivirus and firewalls, is installed and up to date. Leaving the “install update” notification untouched on your phone is a risky thing to do.
Major shopping holidays will always be a test of retail readiness. The good news is that with the right preparation and a healthy dose of caution, both retailers and shoppers can make the most of the sales without compromising on security.
- Richard Ford, Group CTO at Integrity360

