Keep yourself safe this Black Friday: expert tips to avoid scams

Want to make sure you avoid Black Friday scams? Top experts share crucial insights on staying safe this year.

Black Friday is the biggest online shopping day of the year, and it’s also a prime time for scammers to try to take advantage of consumers.

The National Fraud Intelligence Bureau, run by the City of London Police, estimates shoppers in the UK alone lost £10.6 million to online scammers during last year’s Black Friday and Christmas shopping period.

“Regrettably, cyber criminals view this time of year as an opportunity to scam people out of their hard-earned cash,” says Felicity Oswald, Chief Operating Officer at the National Cyber Security Centre (NCSC). “The increased availability and capability of technology like large language models is making scams more convincing.”

If you don’t want to fall foul of a Black Friday scam, make sure you follow this expert advice…

Woman holding credit card and looking shocked at mobile phoneCredit: Shutterstock/Fizkes
Black Friday is a prime time for scammers to try to fool eager shoppers

1. Watch out for suspicious messages

Double check your emails and text messages

During the Black Friday deals, our inboxes are flooded with a surge of emails from retailers, enticing us to part with our cash – however, this gives fraudsters a way in.

“Black Friday gives scammers the ideal opportunity to use tactics such as phishing emails, text messages or impersonating websites to advertise fake deals and ultimately steal your personal information,” says Liz Hunter, Director at Money Expert.

One favourite trick of scammers is to send out text messages claiming to be a representative of the brand you’ve recently bought from.

“Such texts request information or claim a refund is due and usually contain links,” says Guy Bauman, Co-Founder and CMO of security app Ironvest. “Never engage with these types of messages. Instead, log in to your account to review if there are any issues with your recent orders.”

If you do suspect you’ve received a fraudulent email or text, block the user and delete the message. You might also be able to report it.

“Some email providers do enable you to report spam or phishing, which is always worth considering, as it can help stop scammers in their tracks,” advises Hunter.


Can you tell if an email is fake?

Unfortunately, scammers are getting more sophisticated, however, there are some tell-tale signs that the email is fake.

Mistakes: If you notice lots of spelling or grammar mistakes in the email, it’s probably not going to be genuine.

Dodgy email addresses: Some scammers also ‘mask’ their email address. It may look like the email comes from an official email address, but often this hides the real details. There’s an easy to way to check though.

“You can do this by clicking on the sender to see the email address it’s come from,” says Hunter. “Watch out for any misspellings or strange, unrelated email addresses. If you’re unsure, go directly to the retailer’s website instead.”

False urgency: Be wary any time someone tries to convince you that you must act now. Scammers love to use this tactic to persuade you to do what they want.

Asking to pay over the phone: Sometimes you may get an email from a retailer asking you to contact them and pay over the phone. Never do this. No genuine retailer will ask you to do this.

2. Only shop on secure websites

Look for the padlock

You can tell if a website is secure by looking for the padlock icon next to the URL in your browser’s address bar. The lock icon indicates that the website is using an SSL certificate. When you see the lock icon, you can be sure that your connection to the website is secure. It still doesn’t mean that the website is reputable or legitimate, but it does mean the connection is.

As with emails and text messages, beware of websites with poor design or grammar errors. Legitimate businesses typically invest in professional-looking websites. If a website looks like it was thrown together in a hurry, or if it has a lot of grammar and spelling errors, it’s possible that it’s a scam website.

If you’re still unsure whether a website is secure, it’s always best to err on the side of caution and avoid it. There are plenty of other websites out there that you can use without putting your security at risk.

If you want to check if a site is genuine, try using an online tool, such as F-Secure’s Online Shopping Checker. This allows you to test any online store’s URL to confirm if it’s legitimate. Not only does it detect the reliability of the store, but it also shows trust ratings so you can get all the information you need before making a purchase.

3. Pay with a credit card or PayPal

Choose the right payment method

The safest way to shop online – or even in store – is by using a credit card. This is because, unlike debit cards, they are protected by Section 75 of consumer credit law. Basically, if you buy something with your credit card and it’s faulty, broken, or never arrives, you have the right to claim the costs back through your credit card provider. It also covers you if the company goes bust.

Using a credit card is also less risky if your details are stolen. As it’s not linked to your bank account, you won’t have to worry about further fraudulent activity on the money in your account.

If you’ve only got a debit card, you may be able to apply for chargeback, a voluntary scheme, which enables you to dispute a card transaction and request your money back for something you’ve paid for.  There’s no guarantee you’ll get the money back though.

For online shopping, payment apps like PayPal, Google Pay, and Apple Pay offer security features including tokenisation. This is where they hide the payment information so retailers (and scammers) can’t see them. This helps to protect you from fraud in case the retailer’s website is hacked.

Some of them will also require multi-factor authentication, such as a code or your face, when logging on, which protects the payment further. Additionally, they offer their own dispute resolution mechanisms in case of any issues.

4. Don’t use the same password

Make them longer

It’s so tempting to reuse the same password for multiple accounts, but it’s a risky habit. If one account is hacked, attackers could gain access to all of your accounts.

The best way to protect your accounts is to use a unique, strong password for each one. You should also change your passwords regularly, especially if there is a data breach at a company where you have an account.

Passwords don’t need to be complex. In fact, a three-word passphrase is just as secure as a longer password with a mix of upper and lowercase letters, numbers, and symbols. Just choose three random words that are meaningful to you and easy to remember.


5. Be careful about sharing your personal information

Keep your cards close to your chest

Limit the sharing of your personal information to trusted retailers, and even then, there’s no need to divulge your entire life story! While there are mandatory details marked with an asterisk for purchase, you can generally omit any additional information.

The NCSC recommends refraining from creating accounts with retailers unless it’s for regular use, like your weekly supermarket shopping. If you must create an account, consider signing in with an existing account, such as Apple or Google. This is generally the safer option.

Although it might be inconvenient to enter your card details each time, it’s always safer not to save your payment information on any website. In the unfortunate event of a hack, it means your payment details won’t be compromised.

6. Don’t shop from social media

Be extra cautious

As the trend of shopping on Facebook and Instagram gains popularity for its convenience, it also presents an increased risk of scams.

Fraudsters often exploit this avenue by creating fake profiles or pages that closely resemble legitimate businesses. This deception can lead unsuspecting users to believe they are making a purchase from a reputable company, only to discover they are dealing with an imposter who may misuse their personal and financial information.

Social media platforms, unlike traditional e-commerce websites, frequently fall short in providing adequate buyer protection, which is why you can fall foul of Black Friday scams so easily. This deficiency means that should issues arise with your order, obtaining a refund or replacement may prove challenging.

“With so many shopping options across social media platforms, these retailers are really not set up to protect consumers’ personal data,” says Bauman.

If you’ve seen something you love being advertised or promoted on social media, it’s prudent to take extra steps for security. Instead of making a direct purchase through the platform, consider finding the product details and conducting a separate search on the retailer’s official website or visit the physical store.

Educate yourself

The more you know about the current scams doing the rounds, the more you can protect yourself. Most banks provide information on keeping yourself safe, while both Age UK and Which have information about the latest scams.

Other tips to keep you safe this Black Friday

Read online reviews and check the retailer’s reputation before you make a purchase.

If a deal seems too good to be true, it probably is. Black Friday scams in particularly often use amazing, but fake deals, to lure in consumers.

Review your bank statements and credit card statements regularly for any unauthorised charges.

Jayne Cherrington-Cook

Written by Jayne Cherrington-Cook she/her


Jayne is the Senior Editor at Saga Exceptional. She cut her online journalism teeth 24 years ago in an era when a dialling tone and slow page load were standard. During this time, she’s written about a variety of subjects and is just at home road-testing TVs as she is interviewing TV stars. A diverse career has seen Jayne launch websites for popular magazines, collaborate with top brands, write regularly for major publications including Woman&Home, Yahoo! and The Daily Telegraph, create a podcast, and also write a tech column for Women’s Own.

  • twitter
  • linkedin
  • Email