Every year, thousands of consumers eagerly await Black Friday, a date famous for special retail discounts and enabling Christmas shopping at attractive prices. However, the increased volume of transactions also requires heightened attention to digital security. To raise user awareness, OLX, Brazil's largest marketplace for used product listings, conducted a market survey on the main online frauds during the 2024 Black Friday week, which showed a 76% decrease in losses compared to the event week in 2023, totaling an estimated amount of R$ 1.9 million considering all products that suffered scams during the period.
The survey also found that 52% of the scams occurring during the 2024 Black Friday week were related to account takeover. The second most common was fake payment (26%), followed by fake listings (15%) and data harvesting (7%). Among categories, smartphones were the most targeted by scammers, representing 32% of total frauds. Video games (28%) and freezers & refrigerators (7%) also stood out.
“During periods of high shopping volume, such as Black Friday, consumers need to be extra vigilant when conducting online transactions. Scammers take advantage of this time when buyers are more focused on promotions and, consequently, less attentive, so they use social engineering techniques to simulate legitimate sales. Therefore, it is worth understanding how fraudsters operate to protect yourself and make the most of the opportunities,” says Camila Braga, Product Manager at OLX.
Among the most targeted products in the past Black Friday, iPhone cell phones led with 26% of the scams. Within the smartphone category, they accounted for 78% of the frauds. PlayStation video games represented 20% of the total cases and 70% of the occurrences within the category.
The study analyzed data from the Brazilian digital market, including websites, apps, and digital accounts during the 2024 Black Friday week, from a base of approximately 20 million open accounts on online platforms.
Learn about the main scams and how to protect yourself
Account Takeover
Leading the ranking, account takeover occurs mainly when the fraudster uses credentials leaked on the Internet to test logins on online platforms. Upon successfully accessing the account, they can publish fake listings to obtain advance payments or pose as a buyer to carry out the Fake Payment scam.
How to avoid this
Use strong passwords with letters, numbers, and special characters, and never reuse the same password on different websites, as you might be providing scammers with access to multiple accounts. It is also important to change passwords periodically, pay attention to alerts sent by the platforms about login attempts on the account, and monitor transactions on your payment methods, such as credit cards.
Fake Payment
This type of fraud became popular with the increase in digital banking transactions. The criminal sends a fake payment receipt (via email or messaging app) to the seller, who, believing the amount has already been deposited, sends the product.
How to prevent it
Only deliver the item after verifying in your bank account, digital wallet, or platform that the amount has been deposited. Keep the conversation within the chats and communication channels of the buying and selling platforms and avoid negotiating via messaging apps. Carefully check the domain of emails (xx@companyname) from communications supposedly sent by companies and always check the negotiation status on the official website or app. When making purchases from little-known stores, research whether the place actually exists and check its reputation online.
Fake Listing
Criminals post attractive listings on the platform to demand advance payments or even arrange a meeting with the victim. This scam often features offers with very attractive prices, excessively below market value, and, in addition to advance payments, requests confidential data.
How to prevent it
Be wary of listings for products with very low prices, even if they are used products, and always negotiate through the chats of the buying and selling platforms, avoiding messaging apps. Furthermore, do not click on external links sent under the pretext of confirming the meeting location. Fraudsters dislike leaving traces of their actions, so they prefer digital environments where they cannot be identified later. If you have arranged to receive the product in person, go accompanied if possible and prefer public places.
Data Harvesting
Through social engineering techniques, fraudsters seize opportunities and create scenarios to steal victim data and use it in future scams, also taking advantage of system vulnerabilities and the use of weak passwords.
How to prevent it
Never share your cell phone number, email address, CPF (Tax ID), and bank details with other people. You wouldn't give access to your documents to just anyone in the physical world, right? Exercise the same caution in the virtual environment. Also, be wary of links sent to fill out job applications that are not on official company or recruiter pages. Always keep conversations within the platform chats, where there are tools to promote the privacy of your data.
Portuguese (Brazil) 
English 
Spanish 
German 
Chinese (Hong Kong) 
Russian 
Hindi 
French 
Italian 
Japanese 
Arabic 
Chinese (Taiwan) 
Bengali 
Bulgarian 
Czech 
Danish 
Greek 
Finnish 
Croatian 
Hungarian 
Indonesian 
Korean 
Lithuanian 
Dutch 
Norwegian 
Polish 
Portuguese (Angola) 
Portuguese (Portugal) 
Romanian 
Slovak 
Slovenian 
Swedish 
Thai 
Turkish 
Ukrainian 
Vietnamese 
Chinese (China)