Black Friday shopping scams are on the rise - experts warn many new domains could be dodgy, here's what to look for

News
By published

Be careful with sites having 'Black Friday' in their domain name

Young couple browsing the internet on a laptop.
(Image credit: Getty Images)
  • Check Point reports surge in Black Friday-themed domains, with nearly 10% flagged as malicious
  • October 2025 alone saw 1,519 new domains impersonating major ecommerce brands, with 1 in 25 deemed harmful
  • Researchers warn GenAI tools may accelerate creation of localized phishing sites, increasing risk this shopping season

During October 2025 and the first few weeks of November, there has been a spike in new domain registrations themed around Black Friday - however experts have warned many of these domains are malicious, abusing the discount-hunting frenzy to steal people’s data, passwords, and possibly even money.

A new report from cybersecurity researchers Check Point claims October 2025 saw 158 new Black Friday-related domains, up 93% over the 2025 monthly average, and early November 2025 has been even more intense, with 330 new domains emerging just in the first 10 days of the month.

Of those domains, almost a tenth (one in eleven) was classified as malicious.

The dangers of GenAI

Besides domains who have the words “Black Friday” in their name, there are also many new domains impersonating major ecommerce brands that also popped up in recent weeks. These too, Check Point argues, are built solely to take advantage of Black Friday.

In October, there were 1,519 new domains referencing sites such as Amazon, AliExpress, or Alibaba, which is a 24% increase compared to September 2025, and a 12% increase compared to the same period last year. Of these websites, 1 in 25 was deemed malicious.

Generally speaking, Check Point argues that the volume has been more or less consistent, in relation to previous years.

However, the researchers have also warned about Generative Artificial Intelligence (GenAI) tools speeding up the process of new website generation, hinting that the threat of malicious landing pages - especially localized ones - is significantly bigger this year.

“Creating and localizing this type of operation is significantly faster and easier with modern generative AI tools,” Check Point said.

“While there is no clear evidence that AI was used in these specific cases, attackers are increasingly adopting such tools, which will make future campaigns broader, more targeted, and more difficult to detect.”

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.