More than £11.5 million was lost to online shopping scams in the UK over the festive period last year, according to a new report by the National Cyber ​​Security Centre; Black Friday was the primary target. This represents an increase of at least £1.1 million compared to 2022.

Britain’s cyber chief Richard Horne says artificial intelligence is partly responsible.

“As we head into the holiday shopping season, people are understandably eager to find the best deals online,” said NCSC’s CEO. Press release.

“Unfortunately, this is also prime time for cybercriminals, who are exploiting bargain hunters with increasingly sophisticated scams (sometimes crafted using artificial intelligence), making them harder to detect.”

High-tech products, clothes and cars are among the most common scams

More than 16,000 online shopping reports were made to Action Fraud between November 2023 and January 2024, with each victim losing an average of £695. Social media sites and online marketplaces are the most common platforms used to launch scams, cited in 43% and 18.9% of reports respectively.

Average spending at Christmas is forecast to be £42 more per person than last year, according to Hargreaves Lansdown. Telecom provider Three found this Reports of scam messages tripled It quintupled during the month of Black Friday and into December as attackers sought to take advantage of this high-spending season.

In addition to clothing and cars, high-tech products are among the most common products used by cybercriminals for fraudulent purposes; This means institutional buyers also need to be vigilant.

TO SEE: Top 4 E-Commerce Payment Solutions of 2024

“Fake Black Friday deals can take place in a variety of ways, from traditional spear phishing emails to ads found on web pages,” ESET global cybersecurity consultant Jake Moore told TechRepublic in an email.

“Additionally, interesting bargains advertised on social media are often not reviewed to the high standards people might assume, and may also appear convincing enough to get people to part with their money within minutes.”

The shopper is less likely to verify deals shared by friends on messaging apps and in a group chat, which could be due to a compromised account, he added. It’s not just the elderly who get caught up in these scams, as the average age of victims was found to be 42, according to the NCSC; This is a common misconception.

Artificial intelligence is increasingly used in online shopping scams

Average across global retail sites 569,884 AI-supported attacks every day April through September, according to Imperva Threat Research. Researchers said tools such as: ChatGPT, claudeAnd Gemini and special bots that crawl websites for LLM education data are used to carry out attacks.

TO SEE: Gartner finds AI-enabled attacks were the top cyber threat for the third consecutive quarter

Types of attacks include distributed denial of service attacks, in which an e-commerce website’s resources are deliberately overused to cause downtime. Abuse of business logic was most common where legitimate website applications or APIs were used to manipulate prices, misuse discount codes, or gain unauthorized access.

Cybercriminals are increasingly leveraging AI for all kinds of fraud, especially online shopping fraud, as it becomes more widely available. Moore said the technology limits the speed at which bad actors can launch scams and eliminates some signs that online content is not legitimate.

“Rarely does a scam occur with an old-fashioned spelling or grammatical error,” he told TechRepublic.

Tips for tech buyers to avoid holiday scams

• Don’t let yourself rush. Criminals often create false urgency by promoting limited-time deals or rare items; So always verify such offers.
• Avoid paying via bank transfer. Scammers prefer bank transfers because they are harder to track and offer less protection to victims; Therefore, opt for a credit card if possible.
• Create strong, memorable passwords. NCSC recommends using three random words to make guessing harder.
• Implement two-step verification. This can prevent a criminal from accessing your account even if they get your password.
• Trust your instincts. If something isn’t working, cut off contact, don’t click on links, and research the company or seller by reading reviews on reputable websites.