How are businesses preparing to fight fraud and protect consumers on Black Friday?

In 2025, Brazilian e-commerce should hit another record. But what comes along with this avalanche of orders and clicks also worries.

The Brazilian Electronic Commerce Association (ABComm) projects a turnover of R$ 224.7 billion for the sector this year, 10% more than in 2024. There will be about 435 million orders and 94 million consumers browsing, buying and (sometimes) risking in virtual windows. All this in a market that has been growing uninterruptedly for eight years.

Dates like Cyber Monday, Father's Day, Christmas and even periods of continuous settlement require, more than ever, prepared and secure platforms.The so-called hot“ retail” makes the final stretch of the year not only a strategic hotbed for promotions, but also for fraud attempts.

Black Friday is marked: 28 November. And if, on the one hand, promotions move the digital economy, on the other, they also open the doors to scammers.

The 2024 edition has already shown signs of what to expect. According to ConfiNeotrust and ClearSale, only until noon on the Saturday following Black Friday were recorded 17.8 thousand fraud attempts. Estimated value of barred attempts? R$ 27.6 million. The average ticket of the scams impresses: R$ 1,550.66, more than triple the average value of a legitimate purchase.

What about favorite targets? Games, computer science and musical instruments.

Even with a 22% drop in the total value of fraud over the previous year, experts are categorical: digital criminals remain active, and more sophisticated.

Meanwhile, the PIX skyrocketed.On the last Black Friday, transactions with the instant system jumped 120.7% in a single day.R$ 130 billion were moved, according to the Central Bank.

More speed, more access, more instantaneity, more vulnerabilities. And not all platforms are prepared for this. Slowness, instability and security breaches have seen the perfect gateway for those on the other side, attentive and opportunistic fraudsters.

These flaws directly affect user experience and brand reputation.A PwC study reveals that 55% of consumers would avoid buying from a company after a negative experience, and 8% would give up a purchase after a single unfavorable incident.

“Digital security is not a final step.It is a continuous process that begins before the first line of” code, summarizes Wagner Elias, CEO of Conviso, application security specialist (AppSec).

To protect e-commerce software, the application security industry (AppSec) (which is expected to move US$ 25 billion by 2029, according to Mordor Intelligence & I. D. works to find vulnerabilities before they become real problems.

The goal of AppSec is to map security breaches before they are exploited by attackers. Elias compares with the construction of a house: “It is like building a house already thinking about access points: you do not expect someone to try to invade and then install locks or cameras. The idea is to anticipate the risks and strengthen the defenses from the beginning”, explains Elias.

And the CEO warns that companies should constantly review their platforms to identify and correct possible security breaches, creating a continuous culture of protection.“O fundamental is to offer a real guarantee for both the product and the consumer, strengthening confidence in the platform and in the entire purchase process. 

One of the solutions that can support e-commerce in this process is the Armored Site, now part of Conviso, an application security company and reference in AppSec. The trust seal acts at different levels, serving from virtual stores that need basic protection to those that require greater proof of authenticity, or even more rigorous certifications, such as PCI-DSS, required for those who deal with credit card data.

Visa, for example, blocked 270% plus fraud in 2024 over the same period a year ago.Visa has only made it possible thanks to a robust investment: more than US$ 11 billion in technology and security over the past five years.

The key? Artificial intelligence, machine learning and real-time behavior analysis. All in milliseconds. Without disturbing the real consumer, who just wants to ensure the discount at checkout.

Prevention starts at the bottom. But how to protect yourself?The recommendations are clear and involve both companies and consumers”, reinforces the CEO of Conviso.

Tips for companies:

• Include security already in the development phase of systems;
• Perform penetration tests (pentests) frequently;
• Integrate protection tools into your DevOps without losing agility;
• Train technology teams focused on good security practices;
• Create a culture where safety is routine, not exception.

And for consumers who go digital shopping:

• Escape promotions too good to be true;
• Check if the site is trustworthy (https, security seals, CNPJ, etc.);
• Give preference to platforms and apps already known;
• Avoid links received by email or social networks ; mostly from strangers
• Enable two-factor authentication whenever possible.

While the consumer needs to learn to recognize risk signals, companies have a duty to offer shielded environments.It is the combination of the two that sustains trust in platforms and keeps the market healthy”, concludes Elias.