With Black Friday fast approaching, Lancaster-based cybersecurity specialist Citation Cyber is warning UK shoppers and retailers to stay vigilant, as online scams and cyberattacks are expected to surge during the busiest shopping period of the year.
According to GOV.UK, over 72,000 cyber-facilitated fraud incidents were recorded in the UK over the past 12 months.
“Cyber threats are now one of the most significant risks to business continuity, reputation, and financial health,” says Zain Javed, CTO at Citation Cyber. Retailers are prime targets because they handle vast amounts of sensitive data and rely heavily on technology to manage logistics, payments, and customer interactions. We’re seeing attackers evolve rapidly, using sophisticated tactics that create maximum disruption and pressure to pay ransoms.”
Citation Cyber has also seen a 50% increase in organic leads this year, reflecting a sharp rise in demand for cybersecurity services from small and medium-sized businesses concerned about the growing threat landscape.
READ MORE: £3m new investment for Leeds “smart surface” tech pioneer
Javed’s key advice for consumers? Don’t trust every email that looks like it’s from your favourite retailer.
“Phishing scams are rampant during Black Friday,” he explains. “Always check the sender’s email domain and IP address. If something looks off, it probably is. Hackers often mimic well-known brands to lure shoppers into clicking malicious links or sharing personal details. You can also cross-reference the email with the brand’s contact-us or customer-service email to be extra cautious.
“If you click on the link the first thing to do is not panic, check the URL and don’t share any personal details. Disconnect from the internet and also check for any malware. It’s also important to change any passwords for sites that may have your personal information stored.”
Other things shoppers can be doing include:
- Be cautious of pop-ups & checkout forms – if they request information more than once or ask for payment information in unexpected places, do not provide it. This is another tactic for hackers to access information.
- Unexpected redirects – If a page suddenly reloads or takes you to an unfamiliar site, treat it as suspicious.
- Unfamiliar devices – if you’ve had a notification of an unfamiliar device or network accessing your account shortly before a big shopping session, this is most likely an attempted hack. If this has happened, disconnect from the internet, change all passwords, and report the issue to the appropriate providers.
On top of this, Javed said there are things businesses can also be doing to prepare for the busy event: “They should treat the few weeks left ahead of Black Friday as a full pre-event cyber stress test. Preparation is key. Running high-traffic simulations or penetration testing of checkouts and backend systems is key. However, most importantly, communicating with customers proactively and reassuring them that this preparation can also help build trust and encourage them to return for future purchases.
“From my work with retail clients, the businesses that plan for the surge, bake in security workflows, and ensure vendor strength outperform their peers. Black Friday isn’t just a revenue peak, it’s a cyberattack magnet.”
