Phishing attempts, scams and fraudulent payments put the retail workforce under increased pressure
KnowBe4, the world-renowned platform that comprehensively addresses human and agentic AI risk management, is warning retailers that the upcoming peak shopping days, like Black Friday and Cyber Monday, pose an increased risk of a cyber incident. These incidents can lead to business interruption and brand damage.
During these periods, increased digital traffic, higher email volume and IT-team overload create a ‘perfect storm’ of risk. The problem is aggravated by factors typical of the retail sector: reliance on untrained temporary employees, and the complexity of multichannel environments that combine physical stores, e-commerce, apps and payment systems.
According to the KnowBe4 Global Retail Report 2025, the retail industry is among the five most targeted sectors in the world. The average cost of a data breach in this segment reached US$3.48 million in 2024 (IBM Cost of a Data Breach Report), an 18% increase over the previous year.
How the most common scams work
During the busy holiday season, cybercriminals send realistic fraudulent messages, such as fake tech alerts, password resets or delivery notifications, to compromise organizations and steal consumer data. These professional-looking emails typically carry links to credential-harvesting pages or attachments that install ransomware or spyware. The lures exploit urgency (a deadline or a threatened account suspension), reward (a bonus or gift card) and familiarity (a message that appears to come from a colleague or a known vendor). Because seasonal workloads leave employees less time to scrutinize each message, they become the primary entry point for these attacks.
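As an added example (not KnowBe4's product or code, and not part of the original release), the script below turns the cues just described into a small mail-triage heuristic: it scores messages for urgency and reward language, the seasonal pretexts (password reset, delivery notification, security or tech alert), familiarity abuse (a trusted display name on an outside mailbox, a lookalike of the company domain, a Reply-To that steers answers elsewhere) and links or attachments from outside the company. The company domain, the directory names, the point weights, the thresholds and all five sample messages are assumptions constructed for the illustration.

```python
"""Heuristic triage of holiday-season phishing lures.

Added example, not KnowBe4 code. It scores constructed messages on the cues
the text names: urgency, reward, familiarity (a trusted name on an outside
mailbox), common pretexts (password reset, delivery notification, alerts) and
links or attachments that come from outside the company.
COMPANY_DOMAIN, KNOWN_SENDERS, the weights and every message are assumptions.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

COMPANY_DOMAIN = "example-retail.com"                 # assumed corporate mail domain
KNOWN_SENDERS = {"dana reyes", "it service desk"}     # assumed directory display names

URGENCY = re.compile(r"\b(urgent(ly)?|immediately|within 24 hours|act now|final notice|suspended)\b", re.I)
REWARD = re.compile(r"\b(bonus|gift cards?|reward|voucher|prize)\b", re.I)
PRETEXT = re.compile(
    r"\b(password (reset|expir\w*)|delivery (failed|notification)|"
    r"account (alert|verification)|security alert|tech(nical)? alert)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


@dataclass
class Message:
    display_name: str
    from_addr: str
    subject: str
    body: str
    reply_to: str = ""
    has_attachment: bool = False


@dataclass
class Verdict:
    score: int = 0
    reasons: list = field(default_factory=list)

    def add(self, points, why):
        self.score += points
        self.reasons.append(why)


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower()


def _is_company_host(host):
    return host == COMPANY_DOMAIN or host.endswith("." + COMPANY_DOMAIN)


def triage(msg):
    """Return a Verdict with an additive risk score and the cues that fired."""
    v = Verdict()
    text = f"{msg.subject}\n{msg.body}"
    sender_domain = _domain(msg.from_addr)
    external = not _is_company_host(sender_domain)

    # Familiarity: a trusted display name, but the mailbox is not ours.
    if external and msg.display_name.lower() in KNOWN_SENDERS:
        v.add(3, f"'{msg.display_name}' sent from outside address {msg.from_addr}")
    # Lookalike domain: our first label embedded in someone else's domain.
    if external and COMPANY_DOMAIN.split(".")[0] in sender_domain:
        v.add(2, f"lookalike sender domain {sender_domain}")
    # A Reply-To pointing at a different domain steers replies away (BEC staple).
    if msg.reply_to and _domain(msg.reply_to) != sender_domain:
        v.add(2, f"Reply-To domain {_domain(msg.reply_to)} differs from From domain")
    if URGENCY.search(text):
        v.add(2, "urgency language")
    if REWARD.search(text):
        v.add(1, "reward language")
    if PRETEXT.search(text):
        v.add(1, "common seasonal pretext (reset / delivery / alert)")
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if not _is_company_host(host):
            v.add(2, f"link leaves the company domain: {host}")
            break
    if external and msg.has_attachment:
        v.add(1, "attachment from an outside sender")
    return v


def classify(msg):
    """Map the score to an action; thresholds are assumed, tune them on your own mail."""
    score = triage(msg).score
    return "block" if score >= 5 else "review" if score >= 3 else "deliver"


# Constructed sample messages (not real mail).
SAMPLES = {
    "delivery": Message("DHL Express", "notice@dhl-parcel-alerts.example",
                        "Delivery failed - act now",
                        "Your parcel could not be delivered. Confirm your address "
                        "within 24 hours: https://dhl-parcel-alerts.example/track"),
    "bec": Message("Dana Reyes", "dana.reyes@mail-relay.example",
                   "Urgent: gift cards for the team",
                   "Can you buy 5 gift cards immediately and send me the codes? In a meeting."),
    "reset": Message("IT Service Desk", "helpdesk@example-retail-support.com",
                     "Password expires today",
                     "Your password expires today. Reset it here: "
                     "https://example-retail-support.com/reset"),
    "vendor": Message("Acme Logistics", "billing@acme-logistics.example",
                      "Invoice attached", "Please settle the attached invoice within 24 hours.",
                      has_attachment=True),
    "legit": Message("IT Service Desk", "servicedesk@example-retail.com",
                     "Planned maintenance Saturday",
                     "The back office is unavailable 02:00-03:00. Details: "
                     "https://intranet.example-retail.com/maintenance"),
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        verdict = triage(msg)
        print(f"{name:9s} {classify(msg):8s} score={verdict.score} {verdict.reasons}")
```

The point of the weighting is that no single cue is decisive: the genuine vendor invoice lands in "review" on urgency plus an outside attachment, while the internal maintenance notice scores zero even though it uses a trusted display name and carries a link, because both stay inside the company domain. The familiarity and lookalike checks carry the most weight because those are exactly the signals a rushed employee is least likely to notice.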
Reducing risk through culture, behavior and continuous training
Combating this type of fraud requires a cultural shift for retailers. Continuous awareness programs and phishing simulations can reduce the likelihood of employees interacting with malicious messages by up to 88% within 12 months. Employees who work with enterprise AI agents should also be trained to recognize adversarial inputs crafted to hijack those agents.
“Black Friday creates the perfect storm for cybercriminals,” says Javvad Malik, lead CISO advisor at KnowBe4. “With retail teams under pressure, attackers know this is when organizations are at their most vulnerable and we see an increase in attacks. Retailers should be preparing their workforce, just as much as their technology. When employees are rushed, they are far more likely to click on a malicious link or approve something that does not look right. Clear guidance and strong processes are essential to keeping both customer and company data safe in the weeks ahead.”
Beyond training, enforce security policies, set clear rules for how IT and management contact employees (so that an unexpected request stands out) and implement MFA. Real-time coaching and automated phishing reporting give security teams a faster route to containing a fraud attempt. Protecting business continuity and brand value through the peak period depends on staying cybersafe.
FAQs:
- Why does Black Friday significantly increase cyber risk for retailers?
Black Friday brings a surge in digital traffic, rapid transaction cycles, and high-volume customer communications. Attackers exploit this overload to send convincing phishing messages, intercept payments, or compromise credentials. The seasonal influx of temporary or minimally trained employees adds additional points of vulnerability, making the retail sector an especially attractive target during peak shopping periods.
- What types of cyberattacks typically spike during Black Friday and Cyber Monday?
Retailers experience an uptick in phishing, business email compromise (BEC), credential-harvesting scams, fraudulent payment attempts, ransomware distribution, and attacks against e-commerce infrastructure. These attacks are often disguised as system alerts, delivery notifications, password resets, or vendor communications.
- Why are employees considered the primary entry point for holiday-season cyberattacks?
Cybercriminals rely on urgency-driven behavior. When staff are overloaded, working overtime, or navigating unfamiliar seasonal processes, they tend to skim emails and approve requests more quickly. This creates an ideal environment for malicious emails and social-engineering techniques that thrive on haste and distraction.
- How effective is employee awareness training in reducing cyber risk?
Research shows that consistent training can reduce risky employee behaviors by up to 88% within 12 months. This represents one of the highest-impact cybersecurity investments for retail environments that depend heavily on seasonal and temporary personnel.
- What steps can retailers take to reduce their exposure during the holiday season?
Retailers should:
- Deploy continuous cybersecurity awareness training
- Conduct seasonal phishing simulations
- Implement strong MFA and secure access controls
- Reinforce communication policies (e.g., how IT contacts employees)
- Educate teams on adversarial inputs that aim to hijack enterprise AI agents
- Strengthen incident escalation pathways
- Use real-time coaching tools and automated phishing reporting
About KnowBe4
KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven ‘best-of-suite’ platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization’s biggest asset. More at https://knowbe4.com.