91³Ô¹ÏÍø

Watch CBS News
In Your Corner

Fake sites on the rise for Black Friday, Cyber Monday. Check these 3 things before buying.

By
Joshua Sidorowicz
Joshua Sidorowicz
Josh Sidorowicz is an investigative reporter specializing in consumer issues and misinformation at CBS News Philadelphia.
Read Full Bio
Joshua Sidorowicz

/ CBS Philadelphia

With the holiday shopping season in full swing, don't let your search for sales turn you into a scam victim.

Copycat websites that look like real companies spike around Black Friday and Cyber Monday. New data from Nord VPN shows fake Amazon websites jumped 232%. Across all shopping sites, fake stores have spiked by 250%.

Cybersecurity experts say scam sites have become much more convincing than just a few years ago, when wonky designs and misspellings could help you identify a fake. Now, with the help of AI, scammers can easily mimic logos, website layouts and product photos.

But there are things you can check before you buy to protect your money.

Don't trust bogus bargains

Rock-bottom pricing should be your first clue. If a site is advertising deep discounts you haven't seen listed elsewhere, that should be a red flag. Real deals are rarely, if ever, going to be priced 70, 80 or 90% off.

"That's where they hook you," Abhishek Karnik, the head of threat intelligence research at McAfee, said, "thinking that you're going to get this amazing discount, or you know, rush in for a Black Friday deal, and it's too good to be true."

Always check the full website address

The URL of scam sites is always just slightly off from the real deal. They might include misspellings, extra words, or end in something other than .com.

Some of the URLs found on phony Amazon sites have looked like this: amazn-deals.shop or amazon-black-Friday.online, according to Consumer Affairs.

If you get an unsolicited email or see an ad on social media advertising deals, never click. Go directly to the retailer's website instead to verify if it's legitimate.

You can use a website safety checker like or to see if a site URL is legitimate.

Be wary of alternative payment forms

Cybersecurity experts advise steering clear of any website that wants you to pay in an unusual way, like through Zelle or a wire transfer, or through a special link in order to get the discount.

"I'm sure that everybody is getting excited for that Black Friday shopping, but, you know, caution is important and education is important," Karnik said.

If you clicked a suspicious link or placed an order on a fake site, Consumer Affairs recommends you change your password immediately on the impacted account, call your bank or credit card to ask about locking your card or blocking the charges, and report the fake site to the actual retailer, which could potentially help keep others from falling victim.

Looking for help with a consumer issue? Click here to submit your complaint to In Your Corner.

In:

© 2025 CBS Broadcasting Inc. All Rights Reserved.

View CBS News In
CBS News App Open
Chrome Safari Continue
const link = doc.createElement('link'); link.rel = 'stylesheet'; link.href = '/fly/fly/bundles/cbsnewscontent/css/cmp-banner.min.css?v=296763317a51cab90faa73f1bb146d5c'; doc.head.appendChild(link); doc.body.innerHTML = CONSENT_MESSAGE; } else { el.insertAdjacentHTML('afterend', CONSENT_MESSAGE); } }); } function hidePrivacyMessage() { // Remove from the main document document.querySelectorAll(`.${CONSENT_MESSAGE_CLASS}`).forEach(el => el.remove()); // Remove from inside any iframes document.querySelectorAll('iframe').forEach(iframe => { const doc = iframe.contentDocument || iframe.contentWindow.document; doc.querySelectorAll(`.${CONSENT_MESSAGE_CLASS}`).forEach(el => el.remove()); }); } function activateGatedScripts() { // Handle both new format (cmp-gated-script) and old OneTrust/Ketch format (optanon-category-4) const gatedScripts = Array.from(document.querySelectorAll('script.cmp-gated-script, script.optanon-category-4')); // Activate scripts sequentially with a small delay to avoid timing issues let delay = 0; gatedScripts.forEach(function(placeholder, index) { setTimeout(function() { // Skip if already processed if (placeholder.hasAttribute('data-cmp-processed')) { return; } placeholder.setAttribute('data-cmp-processed', 'true'); const newScript = document.createElement('script'); newScript.type = 'text/javascript'; // Try new format first (data-cmp-src), then fall back to old format (data-src) const src = placeholder.getAttribute('data-cmp-src') || placeholder.getAttribute('data-src'); if (src) { newScript.src = src; } else if (placeholder.textContent) { // Inline script - just copy the content newScript.textContent = placeholder.textContent; } // Handle new format attributes (data-cmp-attrs) - for both inline and external scripts const attrs = placeholder.getAttribute('data-cmp-attrs'); if (attrs) { const tempDiv = document.createElement('div'); tempDiv.innerHTML = '
<\/div>'; const tempAttrs = tempDiv.firstChild.attributes; for (let i = 0; i < tempAttrs.length; i++) { // For external scripts, allow defer/async. For inline scripts, skip them (not valid) if (src || (tempAttrs[i].name !== 'async' && tempAttrs[i].name !== 'defer')) { newScript.setAttribute(tempAttrs[i].name, tempAttrs[i].value); } } } // Copy other attributes from old OneTrust format for (let i = 0; i < placeholder.attributes.length; i++) { const attr = placeholder.attributes[i]; // Skip attributes we've already handled or don't want to copy if (!['class', 'data-src', 'data-type', 'data-cmp-src', 'data-cmp-attrs', 'data-cmp-processed', 'type', 'async', 'defer', 'src'].includes(attr.name)) { newScript.setAttribute(attr.name, attr.value); } } placeholder.parentNode.replaceChild(newScript, placeholder); // If external script, manually trigger window.onload handlers after it loads // This handles widgets that use window.onload for initialization if (src) { newScript.addEventListener('load', function() { // If page already loaded and script set a new onload handler, trigger it if (document.readyState === 'complete' && window.onload) { const originalOnload = window.onload; window.onload = null; // Clear temporarily to prevent loops originalOnload(); // Execute the handler } }); } }, delay); delay += 500; // 500ms delay between each script to allow full loading }); } cbsoptanon.onScriptsReady(function(cmp) { cmp.ot.targetingAllowed(function(allowed) { if (!allowed) { showPrivacyMessage(); } else { activateGatedScripts(); } }); cmp.ot.awaitInitialConsent(function(consent_model) { cmp.ot.addOnConsentChangedHandler(function() { cmp.ot.targetingAllowed(function(allowed) { if (allowed) { hidePrivacyMessage(); activateGatedScripts(); } else { showPrivacyMessage(); } }); }); }); });