Black Friday bargain hunters warned of enhanced online scams after millions lost last year

Published
11/24/2023

  • Increased consumer vigilance urged as AI generated scams enhance the threat to this year’s festive shoppers, as it’s revealed over 7 in 10 British people worry that AI will make it easier for criminals to commit online fraud.
  • Shoppers lost over £10 million to cyber criminals during last year’s festive shopping period, with 25–34 year olds most likely to fall victim.
  • National campaign launched to promote Cyber Aware behaviours to help shoppers protect themselves online.

Cyber security chiefs are encouraging Black Friday bargain hunters to increase their vigilance this shopping season as online fraudsters are likely to use artificial intelligence (AI) to increase the perceived legitimacy of their scams.

The National Cyber Security Centre (NCSC) – which is a part of the UK’s intelligence agency GCHQ – is warning that cyber criminals are likely to use AI technology such as large language models to produce more convincing scam emails, fake adverts, and bogus websites.

While AI offers huge opportunities for society, it can also be exploited by fraudsters to help them produce accurate and professional looking content intended to dupe victims into giving away their financial details or download malware on an increasingly large scale.

The warning comes as new data from Revealing Reality/Yonder found that 72% of British people are worried that new technology such as AI will make it easier for criminals to commit online fraud.

Previously, scams could often be identified by features such as poor grammar or spelling, come from an unusual email address, or feature imagery or design that feels ‘off’. But while AI might generate more polished communication in phishing attempts, many of the typical hallmarks of a scam remain the same.

The NCSC is urging shoppers to look out for:

  1. Urgency: Are you told you only have a limited time to respond? Criminals often threaten negative consequences or costs.

  2. Scarcity: Is the message offering something in short supply? Fear of missing out on a good deal can make you respond quickly.

  3. Current events, such as Black Friday: Criminals will often exploit current news stories or specific times of year to make their scam seem more relevant.

Shoppers are also being reminded that while scams are increasingly convincing, it is even more important to have basic security measures in place when it comes to email security, including switching on 2-step verification (2SV) and have a strong password made up of three random words.

Felicity Oswald, NCSC Chief Operating Officer, said:

“As we enter the Black Friday and festive shopping period, online shoppers will naturally be on the lookout for bargain buys.

“Regrettably, cyber criminals view this time of year as an opportunity to scam people out of their hard-earned cash, and the increased availability and capability of technology like large language models is making scams more convincing.

“I would urge shoppers to follow the steps in our online shopping guidance, which includes setting up two-step verification and using passwords with three random words, so they’re easier to remember and harder to hack.”

Anti-Fraud Champion Anthony Browne said:

“I work closely with the government and the private sector to ensure we work together to keep people safe from fraud and changes we are bringing in will make a difference.

“There are, however, steps we can all take to protect our safety and the NCSC’s Cyber Aware campaign offers vital guidance which can help us do that.

“With one in 17 adults falling victim to fraud over the past year, it is vital we all take this guidance on board to keep our hard-earned money out of scammers pockets.”

The warning comes as new data published by the National Fraud Intelligence Bureau (NFIB), which is run by the City of London Police, revealed that British people lost £10.6 million to online scammers between November 2022 and January 2023 – with each victim losing £639 on average.

The figures, which come from the reports made to Action Fraud and analysed by the NFIB, revealed that over half of reports (51%) mentioned one social media account, showing that social media platforms are by far the most likely medium for shopping and auction fraud to take place.

The figures also revealed that the age group most likely to fall victim to a scam were 25–34 year olds, closely followed by the 35-44 and 18-24 age groups.

Pauline Smith, Head of Action Fraud, said:

“We know that because of the rising cost of living, people are looking to try and get the most from their money and save where they can. This year’s festive season will no doubt add pressure on people at an already expensive time of year.

“With retailers already slashing prices for Black Friday and Cyber Monday deals, it is easy to rush into making a purchase to try and grab a bargain. But don’t forget, criminals still operate at this time of year and will do anything they can to try and get you to part with your money.

“Make sure you know where and who you are buying from. While our figures show that people aged 25-34 years old are most likely to fall victim to an online shopping scam, fraud can affect anyone of any age. Be alert when using social media to purchase items as more than half of people who reported online shopping fraud to Action Fraud encountered a problem on these sites.

“Where possible, use a credit card when shopping online as this will offer you more protection if anything goes wrong, and follow our practical advice to help you shop online safely.”

The new figures are published as the NCSC launched a nationwide drive to promote its Cyber Aware campaign to help shoppers protect themselves online.

The Cyber Aware campaign provides shoppers with actionable steps to boost their online resilience by creating a strong and separate password for email accounts using three random words and turning on 2-step verification (2SV).

The campaign is launched as newly published polling data from Revealing Reality/Yonder found that over half (59%) of British people are using their email password on other sites, putting them at risk of online fraud and cyber criminals.

Having a strong and separate password for email accounts means that if cyber criminals steal the password for one of your less-important accounts, they can’t use it to access your email account.

In 2024, the government will launch a national communications campaign to tackle fraud, as committed to in the Fraud Strategy. Everyone will be asked to play their part, with government, law enforcement, industry and the third sector working together to make sure people know how to protect themselves against fraud.

More here