Australian retailers face holiday surge in cyber scams & threats

Cybersecurity experts are warning that Australian retailers face an escalation of cyber threats as the nation enters the peak holiday shopping season, with the proliferation of scams, impersonation attempts, and increasingly sophisticated criminal tactics targeting both businesses and consumers.

Threat surge

Reuben Koh, Director of Security Technology & Strategy, APJ, Akamai Technologies, said, "This holiday shopping season can make or break many Australian businesses. While consumers are shopping for bargains, attackers are searching for vulnerabilities."

"The surge in shopping traffic during Black Friday, Cyber Monday and Christmas sales provides cybercriminals with the perfect cover to launch scams and fraud campaigns, exploiting the rise in digital transactions to hide malicious activity," said Koh.

Phishing, account takeovers, and payment fraud persist as the most common tactics, but spike during the holidays when legitimate customer activity masks fraudulent behaviour. Koh also warned of logistics fraud, involving fake notifications mimicking legitimate delivery companies, and of cyber extortion campaigns, such as distributed denial-of-service (DDoS) and ransomware attacks, aimed at crippling retailers during their most profitable period.

AI and social risks

Generative Artificial Intelligence is accelerating the development of new attack methods, with so-called "vibe scamming" emerging as a prominent threat. Koh explained that this involves AI-driven automation of phishing operations, allowing the creation of convincing fake websites, emails, and messages. The technology also enables more effective personalisation, with criminals using scraped social media activity, shopping history, and reviews to produce convincing messages that evade traditional detection methods.

The expansion of shopping on social media platforms, such as TikTok and Instagram, is also generating risks. Koh noted that these platforms are "not designed for secure financial transactions" and are increasingly being used to host fake reviews, counterfeit promotions, and cloned influencer accounts. A compromised influencer account, especially one with a large following, can quickly mislead thousands of users.

Fake websites and scams

On a global scale, Patrick Sayler, Director of Social Engineering, NetSPI, said, "Cybercriminals will often create highly convincing replicas of popular retail websites, designed to steal payment information or personal data. These sites often mimic big-name brands and offer 'exclusive' Black Friday deals to lure victims. Retailers need to actively monitor for brand impersonators using fake websites and work with takedown services to shut them down, fast. Consistent branding is your best defense as it helps customers spot the real retailer and avoid falling for a scam." 

Sayler added that social media is a top vector for fraudulent advertising this year, making it easier for scammers to reach consumers directly. He highlighted the return of gift card scams, warning, "Gift card scams are low-hanging fruit on Black Friday. Fraudsters may impersonate retailers, family, or friends, exploiting trust to request gift card purchases under the guise of holiday generosity or urgency. Retailers can combat the risk by setting purchase limits, adding warnings at checkout, and training employees to spot red flags. Consistent education goes a long way in keeping both your customers and your brand safe."

Red flags

Koh pointed to a series of warning signs that retailers should monitor, including small but high-volume test transactions, irregular bursts of web traffic typical of bots, spikes in failed logins, and any outbound connections from internal systems to unknown internet addresses, which may signal a ransomware or data exfiltration attempt.

Koh said, "Before the holiday rush, retailers should: reassess their entire security posture; ensure defences can differentiate genuine shoppers from malicious bots; and deploy web application firewalls, DDoS mitigation and bot management tools that can adapt dynamically." He stressed the need for mandatory multi-factor authentication for both staff and customer logins, as well as rapid and ongoing education about emerging scams.

Third-party concerns

Koh highlighted the need for vigilance regarding third-party vendors, noting that partners such as payment gateways and logistics providers can be both an asset and a vulnerability. Vetting these vendors, ensuring evidence of capabilities such as DDoS mitigation and encryption, and monitoring their access are recommended measures.

Consumer risks rising

Shoppers in Australia and New Zealand also face a growing prevalence of scams. Ashley Millar, Trend Micro's Director of Consumer Education, said, "Cyber Monday may be a highlight for retailers, but for cybercriminals, it's an opportunity. With over a third of Australians and 29% of Kiwis expected to hunt for deals on the day, scammers are poised to exploit the rush, weaponising urgency, emotion, and trust in familiar brands and charities."

Millar noted, "Financial pressure only amplifies this risk. According to Trend Micro research, over half of Australians and New Zealanders say their financial security has taken a hit this year. When budgets are tight, people click faster and take more risks, overlooking critical warning signs. In this climate, organisations and consumers alike must stay alert. Awareness and the right proactive protection are key to navigating this high-risk period safely."