Look out for cybercriminals on Black Friday
Enhancing security posture during Black Friday — navigating the rise of social engineering and phishing

27 November, 2024
Black Friday poses a massive shopping opportunity – and a theft opportunity for criminals out to get personal and financial data from consumers. Businesses need to plan ahead and adopt proactive defence strategies to protect critical data and infrastructure.

As Black Friday approaches, millions of businesses and consumers worldwide are preparing for one of the busiest shopping days of the year. While the excitement of discounts and limited-time deals drives consumers to shop online, it also creates the perfect opportunity for cybercriminals to exploit the surge in online activity. 

Phishing and social engineering attacks, already on the rise, become more prevalent during this period, as attackers take advantage of heightened urgency. These attacks target both individuals and businesses, making it crucial for organisations to revisit their cybersecurity strategies. 

To mitigate the risks posed by these evolving threats, businesses must adopt advanced detection tools, artificial intelligence (AI), and continuous employee training as part of a robust defence strategy.

Understanding phishing and social engineering

Phishing and social engineering may seem like familiar threats, but they have grown increasingly sophisticated. Phishing typically involves cybercriminals impersonating trusted entities—such as banks, retailers, or colleagues—to trick victims into revealing sensitive data like login credentials or payment details. These attacks often come in the form of emails that spoof trusted senders, use fake domains, and apply urgency to prompt the recipient to click on malicious links or download harmful attachments.

Social engineering goes a step further by manipulating human psychology to gain unauthorised access to sensitive data or systems. Attackers might pose as customer service representatives, delivery agents, or even colleagues, exploiting cognitive biases like urgency, fear, or trust to coerce victims into sharing confidential information. 

Unlike phishing, social engineering methods such as vishing (voice phishing), smishing (SMS phishing), and pretexting are designed to be more personal, manipulating victims into bypassing security protocols and acting hastily.

The growing sophistication of attacks

In recent years, phishing and social engineering attacks have evolved dramatically. Cybercriminals are increasingly using AI to automate and personalise their attacks, making them more targeted and difficult to detect. 

AI tools can scrape public data from social media profiles, websites, and company databases to craft emails tailored to specific individuals. Additionally, natural language generation (NLG) allows attackers to mimic the tone and writing style of colleagues or executives, making phishing attempts seem more legitimate.

Another concerning development is the use of deepfake technology. Deepfakes—synthetic audio or video recordings that appear indistinguishable from real recordings—have been used to impersonate high-level executives or company leaders. 

In one notable case, the CEO of a UK-based energy company was tricked into authorising a significant wire transfer after being deceived by a voice clone that sounded identical to that of their German CEO. This shift in tactics shows how cybercriminals are bypassing traditional identity verification methods and leveraging technology to deceive even the most cautious individuals.

High-profile incidents like the 2016 Bangladesh Bank heist, in which cybercriminals impersonated bank officials to steal over $81 million, underscore the devastating potential of social engineering. In South Africa, a 2023 report from the South African Banking Risk Information Centre (SABRIC) revealed a 45% increase in digital banking fraud, much of which was linked to phishing and social engineering scams.

Black Friday: A perfect storm for cybercrime

Black Friday offers the ideal environment for cybercriminals to launch phishing and social engineering attacks. The high volume of transactions and the urgency associated with securing time-sensitive deals make consumers more likely to overlook basic security precautions. Phishing emails may appear as notifications about limited-time offers, fake shipping updates, or payment confirmations, urging recipients to act quickly. 

Attackers often use typosquatting, creating fraudulent websites with domain names that closely resemble legitimate retailers’ websites. In the rush to secure discounts, shoppers may fail to spot subtle discrepancies like misspelled URLs, inadvertently leading them to malicious sites designed to steal personal information.
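A defender can screen newly seen domains (from mail links, proxy logs, or new-registration feeds) against the brands they protect. The following is an added example, not code from BCX or the original article; the protected domains and every sample domain are constructed placeholders, and inputs are assumed to be registrable domains with no subdomain.

```python
# Added example: flag domains that closely resemble a protected retailer domain.
# PROTECTED and every domain used with it are constructed placeholders.
PROTECTED = ["examplestore.co.za", "shopmart.com"]

# Common visual substitutions seen in lookalike domains.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def skeleton(label: str) -> str:
    """Collapse confusable characters and hyphens: 'sh0p-rnart' -> 'shopmart'."""
    label = label.lower().replace("-", "")
    for fake, real in HOMOGLYPHS:
        label = label.replace(fake, real)
    return label


def osa_distance(a: str, b: str) -> int:
    """Edit distance where insert, delete, substitute and adjacent swap cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def check_domain(candidate: str, protected=PROTECTED):
    """Return (brand, reason) if candidate imitates a protected domain, else None."""
    candidate = candidate.lower().rstrip(".")
    if candidate in protected:
        return None  # the genuine domain itself
    name = candidate.partition(".")[0]
    for brand in protected:
        b_name = brand.partition(".")[0]
        if name == b_name:
            return brand, "same name, different suffix"
        if skeleton(name) == skeleton(b_name):
            return brand, "homoglyph or hyphen variant"
        if osa_distance(name, b_name) <= 1:
            return brand, "one edit away"
        if b_name in name:
            return brand, "brand name embedded"
    return None
```

Short brand names produce false positives at an edit distance of 1, so treat a hit as a prompt for review rather than an automatic block.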

Vishing and smishing attacks are also more prevalent during Black Friday. Attackers impersonating customer service agents, delivery personnel, or even bank officials may contact consumers directly via phone or SMS, requesting payment details or confirmation of account information. With the increased volume of online interactions, these attacks are more likely to succeed, especially when consumers are distracted or pressured to complete transactions quickly.

Organisations must be prepared for this surge in online threats, implementing real-time transaction monitoring and anomaly detection systems to spot suspicious patterns. With so many consumers shopping at once, businesses need to act swiftly to prevent fraud, minimise financial losses, and safeguard their reputations.

Essential defence strategies

To counter the growing threat of phishing and social engineering, businesses must adopt a multi-layered cybersecurity approach. Below are several key strategies:

  1. AI-powered threat detection: Investing in AI-driven threat detection systems is critical. These systems analyse large volumes of data to identify phishing emails in real-time by recognising suspicious sender addresses, unusual email content, and embedded malicious links. Advanced email filtering systems that use protocols such as DMARC, SPF, and DKIM can also prevent email spoofing and domain impersonation.

  2. Multi-Factor Authentication (MFA): Enforcing MFA, particularly for high-risk accounts like email or financial systems, is essential. MFA adds an additional layer of protection, ensuring that even if login credentials are compromised, attackers cannot access critical systems without another form of verification, such as a mobile code. For example, with BCX’s Identity and Access Management (IAM) solutions, organisations have been able to implement seamless MFA across their cloud platforms and VPNs, reducing the incidence of credential stuffing attacks.
  3. Employee security awareness: Regular employee training is vital to combat social engineering attacks. Training programmes should focus on identifying phishing emails, vishing calls, and smishing messages. Simulated phishing exercises can be a valuable tool to reinforce security awareness and improve response times when employees encounter suspicious communications.
  4. Endpoint security: Organisations must ensure all devices—especially those used for remote work—are secured with endpoint protection solutions. These solutions can detect and block malware, enforce timely security patches, and limit access to sensitive systems, reducing the attack surface. BCX, as an example, combines security and networking through Secure Access Service Edge (SASE) architecture, a cloud-based solution that delivers policy-based security, user authentication, and seamless cloud integration for all devices and applications. Paired with a Threat Defense Centre (TDC), this approach enables continuous monitoring, rapid incident response, and enhanced edge-to-edge security across the network perimeter.
  5. Encryption: Ensuring sensitive data is encrypted both at rest and in transit is fundamental. End-to-end encryption of transactions and communications ensures that even if data is intercepted, it remains unreadable to cybercriminals. 
  6. Customer education: Educating customers about the risks of phishing and social engineering, especially during peak shopping periods like Black Friday, can go a long way in protecting them. Clear communication about how to spot phishing attempts and verify the legitimacy of requests can help customers avoid falling victim to scams.
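
The SPF, DKIM and DMARC checks mentioned in item 1 are recorded by the receiving gateway in an Authentication-Results header, which downstream filters can act on. The following is an added example, not code from BCX or the original article; the gateway identifier, the domains and the sample message are constructed, and the action names are illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the authserv-id your own inbound gateway stamps on mail it checked.
TRUSTED_AUTHSERV = "mx.shop.example"

# Constructed sample: a fake delivery update spoofing a retailer. The sender
# pre-inserted a forged "pass" header; the gateway's own header sits on top.
SAMPLE = (
    "Authentication-Results: mx.shop.example;\n"
    "\tspf=fail smtp.mailfrom=retailer.example;\n"
    "\tdkim=none; dmarc=fail header.from=retailer.example\n"
    "Authentication-Results: mail.unknown.example; spf=pass; dkim=pass; dmarc=pass\n"
    "From: Retailer Deliveries <tracking@retailer.example>\n"
    "Subject: Your Black Friday order is on hold\n"
    "\n"
    "Confirm your payment details to release the parcel.\n"
)


def auth_results(raw: str) -> dict:
    """Collect spf/dkim/dmarc results, trusting only our own gateway's header."""
    msg = message_from_string(raw)
    found = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, rest = header.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # anyone can add this header; ignore ones we did not write
        for method, result in re.findall(r"(?<![\w.-])(spf|dkim|dmarc)=(\w+)", rest.lower()):
            found[method] = result
    found["from_domain"] = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return found


def verdict(raw: str) -> str:
    """Map the results to an action; DMARC decides when a result is present."""
    r = auth_results(raw)
    if r["dmarc"] == "pass":
        return "deliver"
    if r["dmarc"] == "fail":
        return "quarantine"
    # No DMARC result: nothing ties the visible From domain to SPF or DKIM.
    return "flag-unauthenticated"
```

A gateway should also strip inbound Authentication-Results headers that carry its own identifier, so that a sender cannot forge one that this check would trust.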

As phishing and social engineering attacks grow in sophistication, businesses must evolve their cybersecurity strategies to stay ahead of the threat. Traditional security measures are no longer sufficient in addressing the increasingly targeted and complex nature of these attacks. By combining advanced threat detection, employee training, and robust endpoint security, organisations can significantly reduce the risk of a breach. However, the human element remains the most significant vulnerability, which means businesses must continue to prioritise employee awareness and customer education.

Cybersecurity is a shared responsibility, and a proactive security posture that involves coordination between IT teams, leadership, employees, and customers is essential. By fostering a culture of security awareness and vigilance, organisations can better navigate the evolving landscape of phishing and social engineering, ensuring their resilience in the face of growing cyber threats.
