Black Friday-themed phishing campaign using brand impersonation and fake marketing domains
Campaign
Summary
Hide ▲
Show ▼
Black Friday-themed phishing campaigns surged 620% in the weeks before the 2025 shopping period, increasing the risk that shoppers will be drawn into fake offers and payment-detail theft. Attackers are using brand impersonation, fake marketing domains, and GenAI-powered fake advertisements to make the lures look legitimate. The activity is expected to rise another 20% to 30% during Black Friday week, when deal-seeking consumers are most likely to click quickly. Some lures redirect victims to fake Amazon websites that collect sensitive data and payment details.
Related Happenings
Shop fake receipt callback phishing campaign
Campaign
H score29
First: 25.06.2026 22:45
Last: 25.06.2026 22:45
Sources 1
About this happening:
Threat actors are **abusing Shop** by planting **fake purchase receipts** in order histories, turning a trusted shopping app into a **callback-phishing lure** that can expose **ac...
Shop fake receipt callback phishing campaign
CampaignAbout this happening: Threat actors are **abusing Shop** by planting **fake purchase receipts** in order histories, turning a trusted shopping app into a **callback-phishing lure** that can expose **ac...
QR code phishing surged across email threats in Q1 2026
Trend
H score73
First: 05.05.2026 09:35
Last: 05.05.2026 09:35
Sources 1
About this happening:
**Q1 2026** email-threat telemetry shows **QR code phishing** and **CAPTCHA-gated phishing** rising quickly, increasing the risk of **credential theft** across **organizations**....
QR code phishing surged across email threats in Q1 2026
TrendAbout this happening: **Q1 2026** email-threat telemetry shows **QR code phishing** and **CAPTCHA-gated phishing** rising quickly, increasing the risk of **credential theft** across **organizations**....
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor Meta
H score36
First: 19.02.2026 14:00
Last: 19.02.2026 14:00
Sources 1
About this happening:
The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor MetaAbout this happening: The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
Parked and typosquatting domains now redirect most visitors to scams and malware
Trend
H score38
First: 16.12.2025 16:14
Last: 16.12.2025 16:14
Sources 1
About this happening:
Large-scale experiments found **parked domains** and **typosquatting domains** now commonly send visitors to **scams**, **scareware**, or **malware**, turning routine mistyped nav...
Parked and typosquatting domains now redirect most visitors to scams and malware
TrendAbout this happening: Large-scale experiments found **parked domains** and **typosquatting domains** now commonly send visitors to **scams**, **scareware**, or **malware**, turning routine mistyped nav...
China-based groups selling phishing-as-a-service kits for mobile-points smishing
Threat Actor Meta
H score28
First: 05.12.2025 01:02
Last: 05.12.2025 01:02
Sources 1
About this happening:
Multiple **China-based cybercriminal groups** are selling **phishing-as-a-service platforms** that reuse the same scam infrastructure across **mobile points**, **tax-refund**, and...
China-based groups selling phishing-as-a-service kits for mobile-points smishing
Threat Actor MetaAbout this happening: Multiple **China-based cybercriminal groups** are selling **phishing-as-a-service platforms** that reuse the same scam infrastructure across **mobile points**, **tax-refund**, and...
Timeline
-
27.11.2025 02:00 2 articles · 7mo ago
Darktrace warns of Black Friday phishing surge
Initial DisclosureDarktrace published a November 27 warning about a 620% surge in Black Friday-themed phishing campaigns in the weeks leading up to the 2025 sales period, highlighting brand impersonation, fake marketing domains such as Pal.PetPlatz.com and Epicbrandmarketing.com, and GenAI-powered fake advertisements that redirect shoppers to fake Amazon pages to steal sensitive data and payment details.
Show sources
- Three Black Friday Scams to Watch Out For This Year — www.infosecurity-magazine.com — 28.11.2025 15:35
- Three Black Friday Scams to Watch Out For This Year — www.infosecurity-magazine.com — 28.11.2025 15:35