By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

"They deliberately target people during these windows, because they know we're more likely to be distracted."

Higgins said everyone - shoppers and retailers alike - should be on high alert for any unusual payment requests or messages.

"Even if it appears to have originated from a trusted contact, be aware that scammers' impersonation tactics are increasingly sophisticated, especially with the help of AI," Higgins said.

Scammers commonly circulate phishing emails with subject lines like "Black Friday deals" or "urgent account issues", alongside vendor impersonation and business email compromise campaigns. And the scammers are getting worryingly good at posing as trusted contacts, Higgins said.

"This can include weeks or months of convincingly pretending to be a trusted vendor in a variety of channels, often after infiltrating that vendor's systems and even sending messages from their email unnoticed," Higgins said.

"Then, they might push for a fraudulent transaction or change to payment details when they know the target is less likely to scrutinise the request, for instance, during busy retail or holiday periods."

Cyber Wardens and Eftsure recommend enabling passkeys or multifactor authentication wherever possible. COSBOA's chair, Matthew Addison, said that small businesses and retailers were commonly targeted because they manage their own finances and often lack dedicated IT staff.

"From activewear labels to gyms and shoe stores, many small businesses are already in the throes of their Black Friday sales, launching promotions well ahead of the official event on November 28," Addison said.

"Black Friday and Cyber Monday are massive opportunities for small businesses, but they also create the perfect conditions for scammers. We are advising operators to slow down and make simple checks such as verifying payment requests, and double checking invoices and bank details."