Spammers use holiday scams to con shoppers out of data and money

Bitdefender Total Security Antivirus

November 26 is Black Friday, a peak time for bargains but also online fraud. While shoppers look for the best deals of the year and engage in some pre-Christmas shopping, scammers use the holiday season to swindle unsuspecting victims through fraudulent emails and other schemes. Bitdefender’s Antispam researchers looked at data for the first part of November to identify spam trends.

Phishers cast a wide net but focus on the US, and overwhelmingly use the English language

Consumer online shopping habits rose during the pandemic, and cybercriminals are not missing out on the action. Early November is a good time to conduct test runs and fine-tune new and existing scams in an attempt to financially compromise users.

Bitdefender Labs found that US reigns as the most attractive target to threat actors, receiving the largest share of spam emails, consisting of 44% of the entire global spam volume between 1-11 November, according to Bitdefender spam telemetry (see Figure 1). The US is followed by the UK (8%), Australia (6%), South Africa (5%), Ireland (4%), Germany (4%), Sweden (3%), Denmark (2%), France (2%), Romania (1%) and Italy (1%).

Figure 1: Global spam received on 1-11 November


Shopping spam targets English speakers

Spam using the English language leads global phishing attacks. Bitdefender researchers noticed increased usage of the English language to spread shopping scams during four days of analysis on 8-11 November 2021 (see Figure 2). The geographic distribution of shopping-related spam in English can be seen below (see Figure 3).

Figure 2: Date and time distribution of spam in English on 8-11 November


Figure 3: Geographic distribution of received shopping scams in English on 8-11 November 2021


Spam campaigns originate from IP addresses across North America, Europe and Asia (see Figure 4). However, 44% of the sent global shopping spam emails Bitdefender identified seem to originate from spammers in the US capitalizing on potential victims locally.

Our findings are consistent with a recent survey that puts the US on top of the list for the number of people (28%) who plan to shop on Black Friday this year. According to statistics, the  US also topped the list for search interest in Black Friday deals raking 21% of the Black Friday search volume for this shopping season, followed by Germany (13%), the UK (10%) and France (4%).

Figure 4: Origin of sent shopping scams in English on 8-11 November 2021


With just a little over two weeks before the biggest shopping day of the year, there’s no shortage of fake deals and promotions for keen shoppers to fall for. No stone was left unturned, from household decorations and retail to tech and airplane tickets. Scammers prey on a variety of consumer segments and age groups. Here’s a list of the most popular shopping-themed spam email subjects picked up by Bitdefender researchers on 8-11 November:

  • [Black Friday 2021]Cheap Oakley Sunglasses 85% Off Discount Free Shipping
  • [Black Friday 2021] Discount Ray-Ban Sunglasses Online, New Styles, Save up to 90% Off
  • We have a surprise for Walmart Shoppers!
  • Sink your Teeth into Thanksgiving Rewards at Sam’s Club
  • One Stop Christmas Shop
  • Your Next Flight with American Airlines! #7ID
  • 30 Seconds Will Reward You With $100 in Exclusive Apple Rewards
  • 26 Products That Will Sell Out By Thanksgiving
  • 20+ Unique Gift Ideas For Your Christmas List
  • The best companies offering senior discounts right now
  • Get Amazon Gift Card!!!

This list is just a small sample of the amount of shopping-themed phishing emails this year.

Run-of-the-mill Black Friday shopper rewards scams

Bitdefender spam researchers expect more spam campaigns in the coming weeks, with spikes on Black Friday, Cyber Monday and winter holiday shopping deals. Scammers often take advantage of these events to spread phishing emails and deliver malware to targets in bulk. From what we’ve noticed so far, shopper rewards and gift cards or prizes associated with phony surveys and raffles are among the tricks used most to fool recipients.


International travel spam bounces back as travel restrictions lift

International travel has bounced back and forth, and despite the ongoing pandemic, 47% of consumers plan to travel this season, and 55% plan to take one to three trips in 2022, according to a recent study. With travel restrictions easing, travel companies, airlines, cruise operators and hotels are sure to deliver discounts for eager holidaymakers and travelers this season – and we expect that scammers will increase their use of travel deals to lure unsuspecting travel planners.


An analysis of the travel-themed spam topics received on 08-11 November shows that spammers mostly focus on delivering fraudulent correspondence related to air travel and accommodation during the pre-holiday shopping season.

On November 8, 43% of received global travel-themed spam by volume was related to air travel, 21% to hotels and accommodation and only 5% to tourist destinations (see Figure 5). By November 9 (see Figure 6), hotel and accommodation spam topics rose six percentage points (27%), while air travel topics dropped 25 percentage points (18%). Air travel-related spam rose to 28% on November 10 (see Figure 7), while hotel and accommodation spam emails remained fairly consistent with 26%.

Spam topics related to tourist destinations, cruises and charters were fairly unexploited on 08-10 November. However, by November 11, spam delivering tourist destination topics rose six percentage points (12%) compared to three days prior (see Figure 8).

Figure 5: Spam rate of travel-themed scams on 8 November


Figure 6: Spam rate of travel-themed scams on 9 November


Figure 7: Spam rate of travel-themed scams on 10 November


Figure 8: Spam rate of travel-themed scams on 11 November


Consumers continue to engage in risky behavior online according to survey data

A recent Bitdefender study reveals that although consumers are most concerned about financial fraud (41% of interviewed users), most online consumers still engage in risky behavior for data protection.

In fact, nearly 30% of users do not have security protection on their main mobile devices and more than half ignore cybersecurity recommendations for passwords use, either relying on a few passwords or a single password for all their online accounts.

Among online accounts, social media (63%) and shopping platforms (54%) are the top two preferred digital services in terms of consumer usage, and owning an account on a shopping platform was prevalent in nearly half of respondents in each surveyed age category.

The data also revealed that 30% of respondents share their online shopping account not only with close family members (19%), but with housemates and friends as well. This risky behavior extends to credit card and email address sharing. While only 29% of respondents say they never or almost never share their email address, sharing credit or debit cards numbers is a big no-no for only 62% of consumers.

Shopping scam samples in November


Bitdefender’s advice for all you shoppers out there

Holiday shopping fraud season is here, and consumers shouldn’t start their shopping spree unprepared or assuming they won’t fall for a fraudulent email or scam. Despite the evolving threat landscape and ongoing awareness campaigns to educate users on the importance of basic cyber hygiene, insights into consumer behavior reveal a potentially frightful outcome.

Highly organized cybercriminals will try to hook unwary online shoppers using every trick in the book. Internet users need to adapt and familiarize themselves with new and existing threats while maintaining a watchful eye on their online activity.

To ensure a safe online shopping experience, users should assess their security risks and secure their online accounts.

Bitdefender’s tips for safe online shopping:

  • Update browsers and install a security solution on all devices, including mobile phones or tablets you may use to browse for deals.
  • Never enter your credit card details on unfamiliar or suspicious websites or share payment information with people contacting you on social media. Stick to official stores and good reputation websites for shopping.
  • Pay attention to unsolicited correspondence promoting killer deals and ‘too-good-to-be-true offers. Double-check offers before rushing into a purchase, no matter how great it sounds.
  • Expect fake security alerts and password reset notifications for accounts this time of year. Scammers want login information to steal users’ financial data. Unsolicited requests should be handled with care, and shoppers should visit official websites to check for alerts or security issues.
  • Review account details and reset old passwords on platforms, including e-commerce, email, financial services, delivery services and social media platforms. Use strong passwords at least 12-15 characters long. Consider a password manager to help keep tabs on all login credentials.
  • Enable two-factor (2FA) or multi-factor authentication (MFA) wherever possible on banking and e-commerce platforms.
  • Watch out for failed package delivery scam emails. Phishing campaigns impersonating delivery service providers are a known side effect of the holiday shopping season rush.
  • Only access websites with HTTPS in the address, and read emails and promotions carefully. Look for misspellings and suspicious layouts or data requests. Instead of clicking on links in the email, head to the official website to verify
  • Enable credit card alerts to receive real-time notifications in case of suspicious charges

Take care of your devices with our extended 90-day Bitdefender Total Security trial, and experience the best-in-class protection for Windows, Mac, Android and iOS. Our web protection feature ensures safe browsing and shopping experience blocking any malicious content (URLs, untrusted websites, fraudulent webpages and phishing links), notifying you about the potential dangers of accessing unfamiliar links. Moreover, the dedicated secure browser (Bitdefender Safepay) brings an extra layer of security with a built-in VPN designed to keep your banking, e-shopping and online transactions secure and private.