Find notable cyber news and cases, enriched with sources, timelines, and signals.

Holiday-season phishing and stolen e-commerce login surge ahead of Black Friday

Trend
First reported
Last updated
Happening score
H score 53
2 unique sources, 3 articles

Summary

Hide ▲

Holiday-themed phishing is intensifying against e-commerce shoppers ahead of Black Friday and Christmas, with defenders seeing at least 750 malicious domains registered over the last three months and 1.57 million login accounts tied to major e-commerce sites circulating in stealer logs. The pattern shows how seasonal lures such as Christmas, Black Friday, and Flash Sale are being used to drive credential theft, account takeover, and payment fraud at scale. Recent reporting also shows Darktrace observed a 620% spike in Black Friday-themed phishing in the weeks leading up to the sales period, including brand impersonation, fake marketing domains, and GenAI-powered fake advertisements. The activity matters because it combines fresh phishing infrastructure with large pools of stolen credentials, increasing the risk of fraudulent purchases and account abuse across consumer shopping platforms.

Related Happenings

Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)

Vulnerability
H score52 First: 29.06.2026 16:46 Last: 29.06.2026 16:46 Sources 1

About this happening: **Oracle E-Business Suite** **CVE-2026-46817** is under **active exploitation**, putting **Oracle Payments** deployments at takeover risk. The flaw allows **unauthenticated HTTP a...

Repeated cyber-attacks target sports organizations over the last year

Trend
H score23 First: 12.06.2026 14:00 Last: 12.06.2026 14:00 Sources 1

About this happening: **Sports organizations** faced sustained cyber targeting across the **last 12 months**, with **84%** of teams, venues and event bodies hit and **57%** struck more than once. The p...

GorgonAgora fake .shop card-skimming campaign

Campaign
H score84 First: 05.06.2026 11:38 Last: 05.06.2026 11:38 Sources 1

About this happening: The **GorgonAgora** campaign is using **5,714 fake .shop storefronts** to steal payment data, widening card-theft risk across brand-impersonation checkout pages. The operation has...

FIFA-themed phishing-as-a-service market selling scam kits and ticket-buying bots

Threat Actor Meta
H score42 First: 05.06.2026 10:01 Last: 05.06.2026 10:01 Sources 1

About this happening: A **FIFA-themed phishing-as-a-service market** is selling **ready-made scam kits** and **ticket-buying bots**, lowering the barrier for fraud operators and making takedowns less e...

Ghost Stadium FIFA World Cup fraud campaign

Campaign
H score41 First: 27.05.2026 14:28 Last: 27.05.2026 14:28 Sources 1

About this happening: A **Ghost Stadium**-linked **FIFA impersonation fraud campaign** is targeting **2026 FIFA World Cup** fans with cloned **fifa.com** pages, fake ticket and hospitality offers, and...

Timeline

  1. 26.11.2025 06:29 4 articles · 7mo ago

    Holiday phishing and stolen e-commerce logins surge ahead of Black Friday

    Campaign Scope Update

    Security researchers reported a surge in holiday-themed phishing infrastructure aimed at e-commerce shoppers, saying they detected at least 750 malicious domains registered over the last three months and more than 1.57 million login accounts tied to major e-commerce sites circulating in stealer logs. The activity used seasonal terms such as Christmas, Black Friday, and Flash Sale to lure users toward credential theft and account takeover fraud ahead of peak holiday shopping.

    Show sources