AI-driven fraud surges as retailers brace for black friday

By Vriti Gothi

As retailers enter one of the most high-pressure sales periods of the year, cybersecurity experts are flagging a sharp rise in sophisticated fraud attacks fuelled by artificial intelligence. The seasonal spike in online shopping activity and time-sensitive promotions is creating fertile ground for cybercriminals to exploit consumer urgency and overwhelm retailers already strained by volume.

Jonathan Frost, Director of Global Advisory for EMEA at BioCatch, said “The annual retail event has evolved into a critical moment for fraud prevention teams, with a growing wave of hyper-personalised phishing and social engineering scams targeting both shoppers and merchants. He warned that Black Friday is no longer only associated with counterfeit purchases or fake deals, but increasingly with large-scale data harvesting operations.”

“Too much of the Black Friday conversation revolves around fake purchases, as it also creates the perfect storm for fraudsters to harvest data,” Frost said. “Consumers rush to claim limited time offers and dwindling stock, and scammers weaponise that urgency, using AI to spin thousands of hyper-personalised phishing scams… Criminals then gather credentials, behavioural cues and personal data to later recycle into highly targeted social engineering attacks.”

Frost noted that account takeover activity typically reaches a peak during the shopping season, with loyalty schemes becoming a particularly lucrative target for attackers who benefit from extended promotional value. “If you’re going to hack someone’s Clubcard, you might as well do it when you can get better value,” he said. Retailers, too, face heightened risk, with a surge in first-party fraud as opportunistic claimants exploit operational pressure within logistics teams.

The influx of AI-generated scams has made detection more challenging, as cloned websites and fraudulent alerts increasingly mirror authentic branding and customer communications. Frost urged consumers to approach extreme discounts with caution, verify unfamiliar sellers and avoid being pressured into alternative payment channels if card transactions fail. “A deal that looks too good to be true almost always is,” he said. “If your payment card declines and you’re prompted to use alternative payment routes, stop immediately… never be rushed into paying by bank transfer.”

Frost also stressed swift action in the event of suspected fraud, advising victims to cease contact, remain on the communication platform where the scam occurred, and report the incident to Action Fraud on 0300 123 2040 (or 101 in Scotland), as well as alert their bank without delay.

Looking ahead, he warned that increasingly advanced AI capabilities may fundamentally alter the risk landscape. “Black Friday could be the start of a fraud wave that carries through the holiday season and into the new year. The growing use of AI to generate these clone websites means that by the next Black Friday, it will no longer be about spotting typos, but about spotting AI. The rise of agentic AI, in particular, could see criminals further automate deception, craft personalised scams, and even mimic real customer behaviour, blurring the lines between human and machine.”

His comments come as financial institutions and retailers intensify investment in behavioural biometrics and other fraud-detection tools, aiming to counter escalating threats at a time when digital commerce volumes continue to rise.