The common mistakes shoppers make on Black Friday, according to cybersecurity expert

Laura Hampson
Updated ·4-min read
Over the shoulder view of young Asian woman shopping online for flight tickets on airline website with laptop, entering credit card details to make mobile payment at home. Camera and passport on the table. Travel planning. Booking a holiday online
Grinch Bots target many shoppers on Black Friday. (Getty Images)

Black Friday is upon us once again, and this year Brits are expected to spend £8.74 billion in sales across the day and weekend.

Yet, while you can certainly grab yourself some decent bargains from the sales, one cybersecurity expert has warned of the common mistakes shoppers make on the biggest shopping day of the year.

Tom Holloway, head of cybersecurity at Redcentric, says one of the main culprits behind why people make Black Friday shopping mistakes is a little-known bot called the ‘Grinch Bot’.

"Also known as the ‘scalper bot’, the Grinch Bots work by performing repetitive, automated tasks that then flood the traffic of websites, mimicking requests and actions of humans and sometimes gaining total control of a site," Holloway explains.

"This then enables the bot to purchase large quantities of a certain product, which is then resold for a higher price when the product is sold out on sites like Ebay or Vinted. During peak shopping periods such as Black Friday, Christmas and the January sales, these bots can be very malicious."

Businesses stress with credit cards.
Be wary of buying something second hand if it's sold out in major retailers. (Getty Images)

Holloway adds that 2023 is expected to be the ‘worst’ year on record for cyber ‘Grinch’ activity, and that we can expect to see an 8% rise in bot attacks this Black Friday compared to the average day.

"Not only is this really bad news for retailers who will be losing out to these criminals, the attacks also mean it is even more difficult for shoppers to make the most of the Black Friday bargains out there," Holloway says.

"The bots use web apps and API technologies, which also means they can gain access to mass data and private information that retailers have stored on file."

What are Grinch Bots?

According to Lunio, Grinch Bots is a program that tracks popular retail items, buys them in bulk, and then sells them on second-hand sites for a much higher price.

These bots will buy all available stock of a popular item, which leaves customers frustrated and desperate to spend whatever money possible to get their hands on an item.

How to avoid being scammed on Black Friday

Holloway has a few top tips to avoid being scammed by a Grinch Bot this festive season:

1. Be wary of independent retailers

"Whilst it is absolutely a good idea to support independent retailers, especially during the festive season, these are often the prime target for grinch bots, because they lack the enterprise levels of cyber security, which can mean genuine bargain hunters losing out of the best Black Friday deals," Holloway says,

"If you’re after a particular product, it’s definitely a good idea to shop around first to see if it’s stocked at a large retailer too, as these are typically more difficult for the bots to access."

Little girl holding tall stack of christmas presents, standing in living room
Grinch bots often take advantage of people buying presents for the festive season. (Getty Images)

2. Avoid second hand retailers

"If you spot a product that has suddenly sold out in most retailers, but is available on re-sale sites such as Vinted, Ebay or Depop, do not succumb to these," Holloway advises.

He adds that, more often than not, this will mean you are "putting money into a criminal’s pocket by making a purchase".

"Not only this, you can end up in a really sticky situation if you don’t end up receiving the product, which can end up being a real headache," he adds.

"It’s definitely better to wait until the products are re-stocked with the original retailer, which will also save you a lot of money in the long run."

3. Watch out for trainers, electronics and event tickets

Holloway says trainer releases are one of the most common products targeted by Grinch Bots during sales periods.

"Thankfully, retailers are starting to implement processes such as raffle draws, which means that only one trainer purchase can be made per user, making it more difficult for bots to be successful," he adds.

"Event tickets are also a common target for bots, especially in the run up to Christmas when people will be looking to give these experiences as gifts. Make sure you only purchase event tickets from major retailers and avoid re-sellers on sites like Ebay and Twitter using the event hashtags. You can purchase second hand tickets for sold out events from sites including Ticketmaster, which provide you with full protection."

Black Friday: Read more

  • Up next
  • Up next
  • Up next
  • Up next

Latest stories