Black Friday-themed phishing campaign using brand impersonation and fake marketing domains
Campaign
Summary
Hide ▲
Show ▼
Black Friday-themed phishing campaigns surged 620% in the weeks before the 2025 shopping period, increasing the risk that shoppers will be drawn into fake offers and payment-detail theft. Attackers are using brand impersonation, fake marketing domains, and GenAI-powered fake advertisements to make the lures look legitimate. The activity is expected to rise another 20% to 30% during Black Friday week, when deal-seeking consumers are most likely to click quickly. Some lures redirect victims to fake Amazon websites that collect sensitive data and payment details.
Related Happenings
QR code phishing surged across email threats in Q1 2026
Target Trend
First: 05.05.2026 09:35
Last: 05.05.2026 09:35
Sources 1
About this happening:
**Q1 2026** email-threat telemetry shows **QR code phishing** and **CAPTCHA-gated phishing** rising quickly, increasing the risk of **credential theft** across **organizations**....
QR code phishing surged across email threats in Q1 2026
Target TrendAbout this happening: **Q1 2026** email-threat telemetry shows **QR code phishing** and **CAPTCHA-gated phishing** rising quickly, increasing the risk of **credential theft** across **organizations**....
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor Meta
First: 19.02.2026 14:00
Last: 19.02.2026 14:00
Sources 1
About this happening:
The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
Starkiller dark-web phishing platform scales credential theft as a SaaS-style criminal service
Threat Actor MetaAbout this happening: The **Starkiller** phishing platform has emerged as a **SaaS-style criminal service**, raising the scale and durability of credential theft operations. It is sold on the **dark we...
Parked and typosquatting domains now redirect most visitors to scams and malware
Target Trend
First: 16.12.2025 16:14
Last: 16.12.2025 16:14
Sources 1
About this happening:
Large-scale experiments found **parked domains** and **typosquatting domains** now commonly send visitors to **scams**, **scareware**, or **malware**, turning routine mistyped nav...
Parked and typosquatting domains now redirect most visitors to scams and malware
Target TrendAbout this happening: Large-scale experiments found **parked domains** and **typosquatting domains** now commonly send visitors to **scams**, **scareware**, or **malware**, turning routine mistyped nav...
China-based groups selling phishing-as-a-service kits for mobile-points smishing
Threat Actor Meta
First: 05.12.2025 01:02
Last: 05.12.2025 01:02
Sources 1
About this happening:
Multiple **China-based cybercriminal groups** are selling **phishing-as-a-service platforms** that reuse the same scam infrastructure across **mobile points**, **tax-refund**, and...
China-based groups selling phishing-as-a-service kits for mobile-points smishing
Threat Actor MetaAbout this happening: Multiple **China-based cybercriminal groups** are selling **phishing-as-a-service platforms** that reuse the same scam infrastructure across **mobile points**, **tax-refund**, and...
China-based smishing and fake e-commerce phishing campaign
Campaign
First: 05.12.2025 01:02
Last: 05.12.2025 01:02
Sources 1
About this happening:
A **China-based phishing campaign** has escalated into mass-registered scam domains and **SMS lures** for rewards points, tax refunds, and fake retail deals, increasing risk for *...
China-based smishing and fake e-commerce phishing campaign
CampaignAbout this happening: A **China-based phishing campaign** has escalated into mass-registered scam domains and **SMS lures** for rewards points, tax refunds, and fake retail deals, increasing risk for *...
Timeline
-
27.11.2025 02:00 2 articles · 6mo ago
Darktrace warns of Black Friday phishing surge
Initial DisclosureDarktrace published a November 27 warning about a 620% surge in Black Friday-themed phishing campaigns in the weeks leading up to the 2025 sales period, highlighting brand impersonation, fake marketing domains such as Pal.PetPlatz.com and Epicbrandmarketing.com, and GenAI-powered fake advertisements that redirect shoppers to fake Amazon pages to steal sensitive data and payment details.
Show sources
- Three Black Friday Scams to Watch Out For This Year — www.infosecurity-magazine.com — 28.11.2025 15:35
- Three Black Friday Scams to Watch Out For This Year — www.infosecurity-magazine.com — 28.11.2025 15:35