Black Friday 2025: How Scammers Are Tricking Users With Fake Discounts, Tips To Stay Safe

If you’ve been eyeing that discounted iPhone 17, a pair of Ray-Bans you swore you deserved, or a smartwatch going for half its usual price this Black Friday, it might be a good time to pause before hitting

the checkout button. Beneath the avalanche of genuine holiday deals, cybercriminals are quietly running one of their biggest scams yet. CloudSEK, a well-known cybersecurity company, has issued a serious warning after discovering more than 2,000 fake online stores disguised as top retail brands, including Amazon, Samsung, and Apple and all designed to trick shoppers into handing over personal and payment information.Fake Stores Engineered To Deceive ShoppersAccording to CloudSEK’s latest research, these websites don’t just loosely imitate the brands they’re copying. They mirror everything down to the layout, banners, colours, discounts and even those annoying but convincing pop-ups that say “Someone just bought this item.” Once a user proceeds to checkout on these fake platforms, their information is silently siphoned off through attacker-controlled payment gateways, making financial theft frighteningly easy. CloudSEK described this trend as a clear shift from scattered scams to “industrial-scale fraud,” warning that if left unchecked, it could shake consumer confidence in e-commerce during the peak shopping season.Two Massive Scam Clusters UncoveredThe investigation found that these phishing sites are not random creations but part of two massive interconnected clusters. The first cluster alone contains more than 750 fake domains, including over 170 Amazon lookalikes that mimic legitimate URLs and use identical page templates. The second cluster is even more sprawling, containing over 1,000 domains registered under the .shop extension and copying well-known names such as Apple, Ray-Ban, Logitech, Rare Beauty, Fujifilm, Samsung, Amazfit and many more. CloudSEK’s analysts believe this entire network is powered by mass-produced phishing kits, giving scammers the ability to generate cloned storefronts within hours.ALSO READ: WhatsApp Scams In India On Rise, Here Are Simple Tips To Protect Your Personal Data And MoneyHow To Stay SafeExperts are urging shoppers to be extra cautious this holiday season because the trap is now easier than ever to stumble into. Fake brand sites are being pushed through short-lived social media ads, manipulated search results and even casual WhatsApp and Telegram links among friends and family. With each fraudulent storefront pulling in hundreds of visitors and converting around 3 to 8 percent of them, CloudSEK estimates scammers can make anywhere between $2,000 and $12,000 per site before the domain gets shut down. Cybersecurity analysts and CloudSEK stress that the best defence this year is heightened awareness. When discounts feel too dramatic to be real or a website looks a little off despite seeming familiar, it’s safer to buy only through official websites or verified apps. Because in 2025, every irresistible deal may not be a deal at all and not every checkout page is what it appears to be.