Black Friday Spam Report 2024: 3 in 4 Spam Emails Are Scams, Bitdefender Antispam Lab Warns

Did you think cybercriminals and scammers wait until the biggest shopping event of the year to strike? Think again.

Researchers at Bitdefender’s Antispam Lab team have been monitoring Black Friday-themed spam since October, and cybercriminals have wasted no time trying to capitalize on the frenzy. From phishing emails impersonating trusted brands to sophisticated malware campaigns, the holiday season has proven fertile ground for all kinds of fraudulent and malicious activity.

This article aims to educate and protect consumers by raising awareness about cybercriminal activities, including scams, phishing campaigns, and fraudulent schemes. These activities also harm legitimate companies, as scammers exploit their credibility and reputation to deceive consumers.

Note: All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

Below, we'll examine the latest findings from Bitdefender’s Antispam Lab, highlighting the growing trends, creative tactics, and diverse range of victims targeted in Black Friday-themed scams of 2024.

Viorel Zavoiu, senior researcher at Bitdefender Antispam Labs helped us compile some interesting stats for Black Friday scams:

Key Findings

• 3 out of 4 Black Friday spam emails are scams: An analysis by Bitdefender’s Antispam Lab team reveals that 77% of all Black Friday-themed spam emails in 2024 were scams, a 7% increase from 2023.
• The US and Europe remain the top targets: The United States received 38% of all Black Friday-themed spam, while Europe accounted for 44% of global spam activity, with Germany and France among the most targeted countries.

• The US and Europe also dominate in spam (scam) activity: 66% of Black Friday-themed spam originated from the US, according to Bitdefender Antispam telemetry, while Europe accounts for 23% of spam origin, with countries such as France, the Netherlands and Germany leading. Countries in Asia are also present, with 6% of Black Friday spam (by volume) sent from IP addresses in Indonesia, Japan, and China.

• Sophisticated Campaigns Targeting Specific Demographics: Scammers tailored campaigns for tech enthusiasts (fake gadget deals), fashion lovers (fraudulent luxury goods), and grocery shoppers (Tesco and Costco survey scams).
• Malicious Campaigns: A Grandoreiro banking Trojan campaign in Spain targeted users with malicious emails disguised as legitimate Fnac purchase confirmations, stealing banking credentials.

Black Friday Spam Trends in 2024

Spam activity surged in the lead-up to Black Friday, with a noticeable uptick starting in late October. According to data gathered between Oct. 1 and Nov. 17, 2024, Black Friday spam rates peaked at over 6% of total Black Friday Spam email volume, showing a significant increase compared to early October. The spikes in activity align with the shopping season's momentum as scammers leverage the heightened consumer interest in deals.

Black Friday-Themed Spam Classification: 2024 vs. 2023

This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions.

In 2023, 7 out of every 10 Black Friday-themed spam emails were scams, compared to 2024, when this figure rose to 3 out of every 4 emails. This 7% increase in scam prevalence underscores the greed and daring of cybercriminals, who increasingly leverage fake offers and phishing tactics to exploit consumer shopping behaviors and trends.

Did somebody say scams?

The sky’s the limit regarding the portfolio of 2024 Black Friday scams.

One of the most notable features of Black Friday scam campaigns this year is their diversity. Scammers have tailored their messages and tactics to appeal to different groups of shoppers, ranging from tech enthusiasts to fashion aficionados, with campaigns targeting various demographics and regions.

Targeting Tech Enthusiasts

• Fraudulent emails impersonating Fnac in Spain: Malicious emails falsely claimed that users’ orders (e.g., iPhones) were ready for shipment, with a PDF attachment delivering the Grandoreiro Trojan to steal banking credentials.
• Fake gadget deals: Scammers impersonated brands like Amazon to offer unbelievable discounts on smartphones, tablets, and other electronics.

Targeting Fashion Lovers

• Luxury Handbag Fraud: Fake websites mimicked designer brands like Louis Vuitton, Hermes, and Chanel to lure buyers with deep discounts.
• Ray-Ban Sunglasses Scam: Phishing emails advertised Ray-Ban sunglasses for as little as $27.99, redirecting users to phony sites.
• Fake Shein offers targeting France and Italy: Fraudulent ads falsely claimed to offer Shein Mystery Box discounts, tricking users into submitting payment details.

Targeting Grocery and Household Shoppers

• Survey Scams: Survey scams claiming to offer exclusive rewards from Tesco and Costco tricked victims into sharing sensitive details under the guise of Black Friday promotions. These scams capitalized on the trust associated with these household brands to appear more legitimate.

Other

• Tesla/Elon Musk Endorsements: a scam campaign promoting the “Alpha Heater” falsely claimed to be endorsed by Elon Musk.

This diversity in spam tactics shows cybercriminals' adaptability and their effort to appeal to as many demographics as possible. The campaigns varied by product type and were also tailored to specific regions, exploiting cultural and shopping preferences to maximize their reach and impact.

Notable Scam Tactics and Impersonated Brands

As in our previous Black Friday scam trends analysis, scammers leaned heavily on impersonating trusted brands and leveraging psychological tactics such as urgency and exclusivity. Fraudulent emails promised exclusive or early access to Black Friday deals and rewards in exchange for survey participation or irresistible discounts on mystery boxes for submitting payment details.

Counterfeit Rolex watches, Louis Vuitton bags, and Ray-Ban sunglasses are among the recurring themes and usual suspects in this year’s Black Friday scam agenda, with scammers luring shoppers with realistic websites and too-good-to-be-true prices.

Users in Spain Targeted by Banking Trojan Malware

A sophisticated campaign using a banking Trojan from the Grandoreiro malware family has been detected targeting Spanish consumers.

The attackers sent out malicious emails with the subject line "Productos preparados para el envío - Ref. Black Friday Apple." These emails impersonated Fnac, falsely claiming that the recipient's order was ready for shipment. Attached was a PDF file designed to download and execute the Grandoreiro banking Trojan, which steals banking credentials and facilitates unauthorized financial transactions.

To protect against compromise, we recommend users avoid opening attachments from unsolicited emails, use robust antivirus tools to detect and block banking Trojans, and enable two-factor authentication (2FA) for their online banking accounts.

Special thanks to Victor Vrabie from Bitdefender Labs for his analysis of this malware, which provided invaluable insights into its operation.

Here are some notable examples of scam emails:

What Do Scammers Want?

Scammers orchestrating Black Friday-themed spam campaigns aim to exploit consumer trust and excitement during the shopping season to achieve two primary objectives:

1. Gather Personal Information

Many scams are designed to harvest sensitive personal data, such as:

• Names, addresses, and phone numbers: Often collected through fake surveys or fraudulent "giveaway" forms.
• Login credentials: Targeted via phishing emails that impersonate trusted brands like Amazon, tricking victims into entering account details on fake websites.
• Banking and financial information: Collected through malware (e.g., the Grandoreiro Trojan) or fake payment pages on counterfeit e-commerce sites.

With this information, scammers can commit identity theft, create fake accounts, or sell the data on dark web marketplaces.

2. Steal Money

Many scams aim to access victims’ funds by:

• Tricking users into fake purchases: Counterfeit websites offering luxury items like Louis Vuitton bags or Ray-Ban sunglasses deceive users into paying for products that are either counterfeit or never delivered.
• Malware campaigns: Banking Trojans like Grandoreiro enable unauthorized financial transactions by stealing banking credentials.
• Survey scams: Campaigns impersonating brands like Tesco and Costco lure users into providing payment details under the pretense of claiming rewards.

Quick Black Friday Shopping Safety Check

To safeguard yourself during the Black Friday shopping season:

• Verify sources: Check sender details and website URLs for authenticity
• Avoid clicking links: Rather than clicking on any unsolicited links, visit retailer websites directly.
• Use Bitdefender Scamio: Leverage its advanced tools to verify links and emails containing Black Friday deals.

Bitdefender Scamio is a must-have scam detection tool for netizens who want to steer clear of scams and malicious ads while browsing or interacting on their social media feeds. Scamio is our FREE on-demand scam detector you can use to check for any scammy link or proposal you see online.

Scamio can analyze any texts, messages, links, QR codes, or images and give you a verdict on whether they are part of a scam. Scamio is available on Facebook Messenger, WhatsApp, your web browser and Discord. 

Let’s see what Scamio had to say about one of the spam emails we shared:

• Use security solutions:  Bitdefender security solutions use cutting-edge technology to shield you from new and existing threats and provide comprehensive anti-scam layers to ensure you don’t fall victim to scammers and cybercriminals this shopping season.
• Be wary of surveys: Scammers use fake surveys to lure shoppers with Black Friday deals and gift cards. You should always double-check if a survey is the real deal before handing over any information.