- Experts warn that cybercriminals are taking advantage of the urgency of holiday shopping to steal sensitive consumer information.
- NordVPN finds fake Amazon sites up 232%, while eBay is up 525%
- Users should check URLs and verify HTTPS before entering information.
As phishing attacks on online shopping platforms increase ahead of Black Friday, major concerns have been raised about protecting the security of holiday shopping.
According to NordVPN’s new national privacy test, more than two-thirds (68%) of consumers worldwide cannot reliably identify phishing websites.
This lack of awareness becomes especially dangerous during the holiday season, when shoppers often click on links in promotional emails or look for deals in unfamiliar online stores.
Scam season
NordVPN systems reported a 36% increase in phishing activity between August and October 2025. This shows how cybercriminals increase their efforts during peak shopping periods, while Black Friday and Cyber Monday create ideal conditions for bad actors.
“Sales events like Black Friday are a goldmine for cybercriminals. Fraudsters take advantage of the hype around good deals and flash sales because they know early buyers are more likely to click on malicious links or share personal information without thinking,” said Marijus Briedis, Chief Technology Officer (CTO) at NordVPN.
Criminals design fraudulent emails that look like delivery notifications or exclusive offers, taking advantage of the buyer’s rush with limited-time offers.
The number of malicious websites impersonating major retailers has increased, including Amazon. NordVPN reported a 232% increase in fake Amazon sites in October compared to September, while fake eBay sites increased by 525%.
These fraudulent platforms often request sensitive information or offer counterfeit products, putting consumers at direct financial risk.
Experts recommend always shopping on retailers’ official websites and checking URLs for “lock symbols” before entering any personal information.
Transactions well below market value should be treated with suspicion.
“Sometimes during big online shopping events, the basics of cyber security are forgotten,” explains Briedis.
“Buyers should never click on links in unsolicited emails, even if they come from legitimate websites. Instead, go directly to the official website. Read customer reviews and filter from worst to best to identify recurring complaints.”
Traditional cybersecurity measures, such as updating anti-virus software and using a strong firewall, are still important to prevent unauthorized access.
Cybercriminals are increasingly using automated AI tools and scripts to create phishing pages and pretend to be legitimate retailers.
These tools can streamline legitimate operations, but also allow criminals to quickly escalate their attacks, increasing the number of potential victims.
Therefore, companies must be vigilant and combine technical security measures with user education to reduce exposure.