“Cyber criminals are putting in overtime — with Black Friday and Cyber Monday approaching, threat actors are poised to take advantage of consumers hoping to shop the yearly discounts.”

This includes malicious websites, SEO poisoning and phishing attacks.

The report said “we might be in for a particularly risky holiday window.”

There has been an 89% surge in websites related to Black Friday from the same period last year.

Black Friday and Cyber Monday sales are forecast to rise to a record $75 billion, a 5% rise from last year, according to Bain.

Last year it was $9.8 billion online on Black Friday.

Seventy-six percent of U.S. consumers said they would buy at least half of their holiday purchases online, according to a Bain & Company survey of consumers.

Websites and email offers are often scams.

“Nearly all of these sites impersonate well-known brands, and almost none are classified ‘safe’,” Check Point warns.

Black Friday deals look enticing, readily “tricking a consumer into entering sensitive details, like payment info or a set of credentials, into the fraudulent site.”

Often these websites are simple phishing traps, “passively harvesting user credentials from deal-seekers. The variety of impersonated sites ranges widely, from global behemoths to smaller, but still prominent, boutiques.”

The use of Artificial Intelligence help fraudsters “deliver convincing phishing emails directly to consumer inboxes.”

And there is Quishing, the use of malicious QR codes, “designed to bypass traditional email filters.

Check Point offers five steps to staying safe.

• “Check URLs closely for misspellings or unusual host domains.
• Make sure the url starts with “https:// and shows a padlock icon, certifying a secure connection.
• When emails come in, reference the sender against emails you know to be real. Don’t click anything you’re not sure about.
• Don’t blindly click through on QR codes.
• Never input unnecessary details like your Social Security number, and avoid inputting extra info like your birthday where it’s not required.”

Rather than clicking on the offer, it’s best to find offers via Google, according to Zak Doffman with Forbes.

And be careful in giving personal information, including financial details.

“Downstream from consumer data is an entire illicit economy that cyber criminals are hoping to exploit during the holidays,” Check Point said. “From personal credit cards, credentials, and identity info, threat actors can drive a variety of scams to drain personal accounts, demolish credit, and freeze and extort businesses. Because they’re such a target, individuals should take some key actions to protect themselves against the daunting holiday threat landscape.”

In Florida, Attorney General created the 2024 Holiday Consumer Protection Guide to cut down on scams during holidays. The guide also notes unsafe products.

“As you begin planning your holiday shopping list, we want to make sure you are armed with the latest tips and information to avoid scammers trying to capitalize on the hustle and bustle of the season. Last holiday season, sales surpassed $964 billion – and with all that money exchanging hands, scammers may see this as an opportunity to make a quick buck,” Moody writes in the 64-page guide.

She added: “My 2024 Holiday Consumer Protection Guide has tips for Floridians to avoid common holiday shopping schemes and cyber scams. The guide offers an array of information on how to safely navigate seasonal sales – whether that be online from the comfort of your home or in stores.”