UK shoppers and retailers have received an urgent three-day warning to stay vigilant against a predicted surge in online scams and cyberattacks ahead of Black Friday on November 28. Both telecommunications giant O2 and cybersecurity specialists Citation Cyber issued alerts as criminals prepare to exploit the year's busiest shopping period.
The warning comes as deal-hunters are expected to spend billions over the Black Friday weekend, with six in ten Brits planning to shop more during Black Friday and Cyber Monday sales. But a quarter of consumers admit they often forget what they've purchased until it arrives - a vulnerability scammers are actively targeting.
The scale of the threat is significant. Over 72,000 cyber-facilitated fraud incidents were recorded in the UK over the past 12 months. Virgin Media O2 has already blocked hundreds of millions of scam texts this year alone, including millions of fake delivery notifications.
Zain Javed, CTO at Citation Cyber, warned: «Cyber threats are now one of the most significant risks to business continuity, reputation, and financial health.» He added: «We're seeing attackers evolve rapidly, using sophisticated tactics that create maximum disruption and pressure to pay ransoms.»
Watch for these red flags
Delivery scams are particularly prevalent. Fraudsters impersonate major couriers like DPD, Evri, Royal Mail, and Yodel with convincing text messages about missed deliveries or payment requests. O2 explained that the timing makes these scams more believable: «This makes delivery scam texts more believable — something scammers plan to take advantage of.»
Phishing emails are equally dangerous. «Phishing scams are rampant during Black Friday. Always check the sender's email domain and IP address,» Javed said. Shoppers should look for odd, long, or shortened links, urgent payment demands via text, messages from random or non-UK numbers, and vague texts without specific order details.
Suspicious pop-ups requesting information multiple times, checkout forms asking for data in unexpected places, and unexpected redirects to unfamiliar sites are also warning signs. Notifications of unfamiliar devices or networks accessing accounts require immediate action.
What to do if you click a suspicious link
Javed provided clear guidance: «If you click on the link the first thing to do is not panic, check the URL and don't share any personal details. Disconnect from the internet and also check for any malware.» Users should then change all relevant passwords and report unfamiliar device access immediately.
James Harwood, Fraud Prevention Strategy Lead at Virgin Media O2, emphasized the need for caution: «Black Friday should be about landing great deals – not becoming victim to fraud. But unfortunately, sophisticated scammers know busy shopping periods are a perfect time for them to act. We have blocked hundreds of millions of scam texts, including fake delivery messages, this year alone. But this festive season we're issuing new advice to help more Brits swerve the scammers. Don't get stung this Black Fraud-day. If something looks suspicious, don't click. Instead, report it to 7726 so we can investigate.»
The experts recommend keeping careful track of all orders, double-checking any suspicious links before clicking, and remembering that legitimate delivery companies never demand instant payments via text. Cross-referencing emails with official brand contact information can help verify authenticity.
Businesses face equally serious risks, with average losses from cyberattacks reaching £3.3 million in 2025. Retailers are prime targets due to their handling of vast amounts of sensitive customer data and reliance on technology for logistics, payments, and customer interactions.
Note: This article was created with Artificial Intelligence (AI).
