Scammers are decking the halls early this year, popping up everywhere from inboxes to fake storefronts. The FBI warns that this year’s surge in fraud is spreading across all major consumer channels.
In a new holiday alert, the bureau flagged a jump in non-delivery and non-payment complaints tied to last year’s shopping season, a pattern it said is already reappearing.
How this year’s holiday scams are getting to consumers
According to the FBI, scammers are pushing their schemes through multiple entry points to catch people during moments of speed, distraction, or routine.
- Email: Spoofed retailers and shipping notifications lure shoppers into clicking malicious links or entering login and payment details on look-alike pages.
- Social media: Fake ads and impersonated brand accounts promote deals that lead to counterfeit storefronts or payment traps.
- Fake retail websites: Clone sites mimic legitimate stores, capturing card numbers, personal information, or payments for items that never ship.
- Delivery updates: Phony “package on the way” or “address issue” messages redirect victims to credential-harvesting pages or prompt immediate payment.
- Phone impersonation: Callers pose as customer service, retailers, or government agencies, pushing victims into sharing account info or paying through high-risk methods.
- QR codes: Altered or fraudulent codes route people to malicious websites or spoofed login screens dressed up as help desks, tracking tools, or checkout pages.
The bureau warned that the growing overlap between legitimate shopping flows and fraudulent lookalikes makes this season’s threat harder to spot, with scams now blending seamlessly into the places shoppers use every day.
The stats back up the FBI’s holiday warning
Data from the Internet Crime Complaint Center (IC3) reflected just how costly last year’s holiday stretch turned out to be. Non-delivery and non-payment scams — the fraud types most closely tied to peak shopping — drained more than $785 million, while credit-card fraud added another $199 million in losses, according to the FBI’s complaint center.
Phishing and spoofing remained the largest entry points overall, with more than 193,000 reports, and IC3 data showed complaint volumes regularly spike in the months immediately after the holidays as victims realize orders never shipped or that their accounts were compromised.
Consumer behavior is only amplifying that risk. A new Mastercard survey found 48% of shoppers would ignore security red flags for a deep discount, and 72% still buy from unfamiliar sites, even when they believe they’re being cautious.
The Federal Trade Commission (FTC), meanwhile, reported that social ads and impersonated brand pages remain a major source of fake deals, and warned that demands for gift cards, wire transfers, payment apps, or crypto are still among the clearest signs a sale isn’t real.
How to outsmart the grinches targeting your holiday haul
The FBI’s guidance leans on simple steps that make it harder for scammers to slip into your shopping flow. The bureau says most holiday schemes succeed when shoppers move fast, so slowing down and verifying basics goes further than people think.
- Be wary of unexpected messages. Treat surprise emails, texts, or DMs about orders, deliveries, or account issues as suspicious until verified.
- Check the URL before you buy. Make sure the site uses HTTPS and matches the retailer exactly. No extra words, hyphens, or swapped letters.
- Skip the link and go direct. If a message claims there’s a problem with an order or payment, visit the retailer’s official site instead of clicking the link.
- Never pay with gift cards. The FBI says legitimate sellers won’t ask for prepaid cards, and scammers prefer them because they’re nearly impossible to reverse.
- Verify the seller. For unfamiliar stores or marketplace listings, check reviews and confirm the business actually exists before entering any information.
- Track shipments only through official channels. Use retailer apps or known tracking tools rather than links sent out of the blue.
- Update your devices. Keeping software up to date helps block malware planted through fake ads, spoofed sites, or bad QR codes.
The FBI stressed that if something feels off, trust your instincts and report it to the IC3 at ic3.gov so investigators can track emerging schemes.
Adobe’s read on US Black Friday spending hitting $11.7B shows just how much money is now flowing through the same digital channels scammers are trying to exploit.
