I think I bought from a scam site — what do I do?

Immediately call your bank or credit card company to dispute the charge and request a new card. File a report at reportfraud.ftc.gov. If you used PayPal, file a dispute through their resolution center within 180 days. Take screenshots of the fake site (it may be taken down soon) as evidence.

Black Friday & Cyber Monday Scams 2026: Fake Deal Sites, Phishing & How to Spot Them

Q: How do I know if a Black Friday deal site is real?

Check three things: (1) the URL — real Apple is apple.com, real Nike is nike.com, anything with extra words or hyphens like 'apple-deals.com' is fake; (2) the domain age — paste it into Scanify, brand-new domains during Black Friday are red flags; (3) the deal size — 90% off Apple products is not real, ever.

Q: Is the USPS / FedEx / UPS text I got real?

Almost certainly not. Carriers do not send unsolicited tracking SMS unless you signed up directly through their website. Texts about 'undelivered packages' with a link to 'reschedule' are the #1 most reported scam on Cyber Monday. Real tracking numbers come from the retailer's confirmation email, not random SMS.

Q: Why are there so many scam sites during Black Friday?

Scammers register thousands of typosquat and lookalike domains in October-November (amaz0n.com, niike.com, apple-blackfriday.com). Buying a domain costs $10. If even one in a thousand visitors enters credit card info, the scammer profits enormously. Cybersecurity firms detect a 1000% increase in shopping-scam domains in the two weeks before Black Friday.

Cybersecurity firms track a 10× increase in newly-registered "shopping" domains every November. The week before Black Friday, scammers create thousands of typosquat sites like amaz0n-deals.com, nike-blackfriday.shop, and apple-cybermonday.com. They run for two weeks, harvest credit card numbers from shoppers chasing 90%-off deals, then vanish.

Even smart, careful shoppers fall for these because the sites look identical to the real ones — same fonts, same product photos, even working "live chat" widgets. The only difference is the URL and the brand-new domain age.

One-line rule: No legitimate brand discounts new iPhones, AirPods, MacBooks, PS5s, or Nike sneakers by 70%+ on Black Friday. If the deal seems impossible, it is. The retailer would lose money on every sale — that's not how Black Friday works.

The 8 Biggest Black Friday / Cyber Monday Scams

Scam #1

Lookalike "official" store domains

Sites like apple-deals2026.com, nike-officialstore.shop, amazon-blackfriday.net. They look pixel-perfect because scammers literally clone the real site. The giveaway is always the URL — the real ones are apple.com, nike.com, amazon.com with no extras.

Scam #2

Instagram / TikTok / Facebook ads

Sponsored ads showing PS5s for $99 or AirPods for $19 link to scam stores. Meta's ad approval system is famously weak. If the deal price is below dealer cost, it's not a "manufacturer mistake" — it's a credit card harvester.

Scam #3

Fake delivery / shipping SMS

"USPS: Your package couldn't be delivered. Reschedule here: bit.ly/track-usps". The link goes to a fake USPS page that asks for your address + credit card "for re-delivery fees". UPS, FedEx, USPS, DHL — none of them send unsolicited SMS with shortened links.

Scam #4

"Order confirmation" phishing

Emails claiming "Your $899 order has shipped" for something you didn't buy. Panicked, you click "cancel order" — which goes to a fake Amazon/Best Buy login page that steals your real credentials.

Scam #5

Gift card scams disguised as "rewards"

"Congratulations! You've won a $500 Walmart gift card — claim by entering your card details for the $1.99 shipping fee." Walmart doesn't randomly select you. The $1.99 charge is a hook to get your card number, which is then sold or auto-charged for thousands.

Scam #6

QR code "deal" scams (quishing)

QR codes printed on flyers, stickers stuck to gas pumps, or appearing in legit-looking emails. Scanning takes you to a phishing site. Quishing is the fastest-growing fraud vector — your phone's QR scanner can't tell good URLs from bad ones.

Scam #7

Fake review / influencer "deal of the day" pages

Sites that look like deal aggregators (Slickdeals, Wirecutter) but actually push affiliate links to scam stores. Real deal sites link to apple.com or amazon.com directly, not to deals-365.shop.

Scam #8

"Customer support" Google ads

Search "Amazon customer service phone" and the top Google ad isn't Amazon — it's a scammer who paid for the ad. They impersonate Amazon support, then "help you" by remote-accessing your computer and emptying your bank account.

Scan any deal link before you buy

Paste it. We check the domain age (brand-new = scam), the SSL certificate, and 95+ antivirus engines. 5-second verdict.

Verify a Link Free →

How to Verify a Black Friday Deal in 10 Seconds

Read the URL carefully. Real Apple is apple.com. Anything else (apple-deals.com, apple.shop, apple-discount.net) is fake.
Check the domain age. Paste the URL into Scanify — domains registered in October or November of the current year are almost always Black Friday scam stores.
Reverse-search a product image. Right-click any product photo → "Search image with Google". If the same photo appears on 20 random "deal" sites, none of them are real.
Don't trust SSL alone. The little padlock just means the connection is encrypted. Scammers get free SSL certs in 5 minutes. The padlock is not a trust signal anymore.
Pay with credit card, not debit. Credit cards have stronger fraud protection. Debit pulls directly from your checking account and is harder to claw back.

What To Do If You Bought From a Scam Site

Call your card issuer immediately — even if charges haven't posted yet. Get the card cancelled and a new one issued.
File a dispute with the credit card company under "merchandise not received" or "fraud". They'll usually refund within days.
Report it at reportfraud.ftc.gov and to the BBB's Scam Tracker.
Change passwords if you reused the password from the scam site anywhere else. Use a password manager going forward.
Take screenshots of the scam site, your "order confirmation", and any emails — they help your case AND help others if you report the domain.

The single best Black Friday safety habit: Don't search Google for deals. Go directly to retailers you already use (amazon.com, target.com, bestbuy.com) by typing them into the URL bar yourself. Scam sites can only catch you if you click on them.

Why Scanify Catches These Better Than One-Source Tools

VirusTotal alone often misses brand-new scam domains because the antivirus vendors haven't caught up yet — the scam may only be 24 hours old. Scanify combines seven sources, including:

WHOIS lookup — instantly flags domains registered in the last 30 days, which is the #1 reliable indicator of a Black Friday scam
URLScan.io sandbox — opens the site in a remote browser and screenshots it, so you can see if it's a sloppy clone before visiting
Google Safe Browsing — Google's database of confirmed phishing sites
VirusTotal's 95+ engines — for known malware
SSL certificate analysis — flags free LetsEncrypt certs issued the same week the domain was registered

Scan any link free →

Frequently Asked Questions

How do I know if a Black Friday deal site is real?

Check the URL (real Apple is just apple.com, no hyphens or extras), the domain age (paste into Scanify — anything < 30 days is suspect during November), and the price (no real brand discounts new iPhones by 70%).

Is the USPS / FedEx / UPS text I got real?

Almost certainly not. Carriers don't send unsolicited tracking SMS. Real tracking comes from the retailer's confirmation email.

Why are there so many scam sites during Black Friday?

A domain costs $10. If a scam site catches 1 victim per 1000 visitors, the scammer profits massively. Cybersecurity firms see a 1000% spike in new shopping domains in late October-November.

I bought from a scam site — what do I do?

Call your card issuer immediately to dispute and get a new card. File a fraud report at reportfraud.ftc.gov. Screenshot everything before the scam site disappears.

Black Friday & Cyber Monday Scams 2026: Fake Deal Sites & How to Spot Them