Cybersecurity technology Fortinet warns of an “unprecedented” increase in cybercrime during the Christmas and New Year period this year, according to the conclusions of the recent analysis by FortiGuard Labs in the report released this Thursday, 27th.
The analysis contained in the report “FortiRecon Cyberthreat Landscape Overview for the 2025 Holiday Season” points to “a rapid evolution in the scale, automation and professionalization of attacks targeting the online shopping ecosystem”.
Over the past three months, Fortinet researchers have identified “more than 18,000 domains associated with the festive season, including terms such as Christmas, Black Friday or Flash Sale, of which more than 750 are malicious”, and “more than 19,000 domains that simulate major ‘e-commerce’ brands, with 2,900 malicious, many of them with small variations imperceptible to inattentive consumers”.
These domains, the report states, “are supported by ‘phishing’ [em que se tenta obter informações confidenciais]fictitious stores, gift card fraud, and overpayment schemes” and “also contribute to ‘SEO poisoning’ campaigns [conjunto de técnicas de ‘SEO black-hat’ – as quais desobedecem às diretrizes dos motores de busca – que promovem páginas de Internet maliciosas] that artificially boost malicious URLs in search results during shopping spikes.”
The report also points to exponential growth in the use of ‘stealer logs’, which extract sensitive data, with “1.57 million ‘e-commerce’ platform accounts compromised in the last three months, available on clandestine markets”.
These records include keywords [‘passwords’]’cookies’, active sessions, ‘autofill’ and fingerprints [‘fingerprints’] of mobile devices.
The document also identifies what it called “Holiday Sales” for bank details and CVV [dígitos que constam no verso do cartão bancário].
“Malicious actors use Black Friday-style promotions to sell stolen data at discounted prices, fueling an increase in fraud attempts,” he adds, noting that the FortiGuard Labs investigation “identifies a fully matured criminal ecosystem, where any attacker can launch sophisticated campaigns without advanced technical knowledge.”
Fornitet recommends that companies urgently update their platforms, monitor fraudulent domains, among other actions.
As far as consumers are concerned, recommendations are to check Internet addresses [URL] before entering personal or financial data, give preference to cards with anti-fraud protection, activate multi-factor authentication [MFA] in stores, email and banking applications (apps).
Furthermore, it also recommends that consumers avoid public Wi-Fi networks or use a VPN when making purchases or managing bank accounts.