Cybercriminals Exploit Black Friday Frenzy: Over 2 Million Phishing Attacks Target Shoppers and Gamers
As the 2025 Black Friday shopping season unfolds, cybercriminals are capitalizing on the surge in online activity, launching over 2 million phishing attacks aimed at unsuspecting shoppers and gamers worldwide. This alarming trend underscores the need for heightened vigilance during peak retail periods.
Escalation of Phishing Attacks
The global e-commerce sector has been experiencing steady growth, with annual increases of 7-9%. Cyber attackers have adapted their strategies to exploit this expansion, particularly during high-traffic events like Black Friday. In 2025, the gaming industry has emerged as a prime target, with malicious campaigns masquerading as popular platforms such as Discord and Steam.
From January to October 2025, security analysts blocked nearly 6.4 million phishing attempts across online stores, payment systems, and banking institutions. Notably, 48.2% of these attacks were directed at online shoppers, a significant rise from 37.5% in 2024. In the first half of November alone, over 146,000 Black Friday-themed spam messages were detected, with cybercriminals impersonating major brands like Amazon, leading to 606,369 blocked phishing attempts.
Gaming Platforms Under Siege
The gaming community has faced an unprecedented surge in cyber threats, with over 20 million attack attempts recorded in 2025. Attacks related to Discord have increased more than fourteenfold compared to the previous year, reaching 18.5 million attempted breaches. This spike is linked to platform restrictions introduced in late 2024, which drove users toward unofficial clients and proxy tools, thereby expanding the attack surface for threat actors distributing fake installers and malicious updates.
Sophisticated Attack Mechanisms
Technical analyses reveal that attackers are employing advanced delivery methods. RiskTool variants, which conceal files and mask processes to enable persistent abuse such as covert crypto-mining operations, account for 17.8 million detections. Downloaders, often embedded in unofficial patches or cracked game clients, rank second with 1.3 million detections. Banking Trojans remain active, with over 1.09 million attacks recorded globally. These Trojans use web injection and form-grabbing techniques to capture login credentials when users visit targeted checkout pages during transactions.
Deceptive Tactics and Impersonation
Cybercriminals are employing increasingly sophisticated tactics to deceive consumers. Scam pages often feature countdown timers, urgency messaging, and polished layouts that closely mimic official promotions. Once victims submit their credentials or payment details, attackers gain full account access, enabling them to steal in-game assets or execute fraudulent transactions.
Rise in Fraudulent Domains
The proliferation of fraudulent domains is a significant concern. In October 2025, there was a 93% increase in Black Friday-themed domain registrations, totaling 158 domains, with early November seeing 330 more in just 10 days. Alarmingly, about 1 in 11 of these domains were found to be malicious. Additionally, over 1,500 new domains impersonating major online retailers like Amazon, AliExpress, and Alibaba appeared in October—a 24% rise from September—with 1 in 25 labeled malicious. These fraudulent domains aim to exploit shoppers seeking holiday deals by stealing data, passwords, and even money.
Generative AI: A Double-Edged Sword
The advent of Generative Artificial Intelligence (GenAI) tools has accelerated the creation of realistic and localized scam sites. While there’s no direct proof that AI was used in these specific scams, its growing adoption could lead to more sophisticated, harder-to-detect threats in future cyber campaigns.
Protective Measures for Consumers
To safeguard against these escalating threats, consumers are advised to:
– Verify Website Authenticity: Scrutinize URLs for subtle misspellings and ensure the presence of secure connections (https://).
– Be Cautious with Unsolicited Communications: Avoid clicking on links or downloading attachments from unknown or unverified sources.
– Utilize Strong, Unique Passwords: Employ complex passwords and consider using password managers to manage them securely.
– Enable Two-Factor Authentication (2FA): Add an extra layer of security to accounts by enabling 2FA where available.
– Keep Software Updated: Regularly update operating systems, browsers, and security software to protect against known vulnerabilities.
Conclusion
The 2025 Black Friday season has highlighted the evolving landscape of cyber threats, with attackers leveraging the shopping frenzy to target both consumers and gamers. By staying informed and adopting robust cybersecurity practices, individuals can navigate the holiday season more safely and securely.
