In the early hours of Black Friday (November 28th) in Brazil, Serasa Experian, the first and largest datatech company in Brazil, detected 650,000 orders* placed up to noon in e-commerce, via digital transactions between national retail players. Of this total, which moved R$619,293,765.94, 912 purchases were identified as attempted scams, blocked by anti-fraud technologies. If they had been completed, they could have generated more than R$800,000 in losses for consumers and companies.
This date is one of the busiest on the Brazilian promotional calendar – and, in the first 12 hours, the value of purchases is already close to the total of the previous day, R$694 million. The numbers reflect the accelerated pace of online consumption and reinforce the importance of adopting robust authentication and identity verification technologies to guarantee secure experiences for consumers and businesses.
Common scams and tips for prevention
According to data from the datatech company, the week of Black Friday 2024 saw a 260% increase in the creation of phishing pages compared to other weeks of the month. This method is a type of digital scam in which criminals simulate official websites or communications from companies to deceive users and capture sensitive data, such as passwords and payment information. Given the expectation of intense activity in e-commerce in 2025, the warning remains: this is the time when consumers must redouble their efforts regarding online security.
To consumers
• Ensure your documents, cell phone, and cards are secure and have strong passwords for accessing applications;
• Be wary of offers for products and services with prices far below market value. During these periods of major promotions, it is common for cybercriminals to use the names of well-known stores to try to hack into your computer and collect sensitive data. They use emails, SMS messages, and fake websites to try to collect information such as credit card details, passwords, and the buyer's personal information;
• Be careful with links and files shared in social media messaging groups. They may be malicious and redirect to unsafe pages, infecting devices with commands that operate without the user's knowledge;
• Register your Pix keys only through official bank channels, such as your banking app, online banking, or bank branches;
• Do not provide passwords or access codes outside of the bank's website or app;
• Include your personal information and card details only if you are certain that it is a secure environment;
• Monitor your CPF (Brazilian taxpayer ID) frequently to ensure you haven't been a victim of fraud.
Tips for businesses:
• Establish internal information security policies and guide employees on best practices, such as using strong passwords and participating in awareness training.
• Adopt encryption in data transmission to protect sensitive customer and company information from interception.
• Implement anti-fraud solutions to minimize financial and reputational risks. Having dedicated specialists and technologies makes your company better prepared to deal with sophisticated scams.
• Utilize layered prevention as a central strategy. Combined tools act at different points in the digital journey and are essential in the face of constantly evolving fraud.
• Invest in solutions that are continuously updated, ensuring data accuracy and greater resilience against new threats.
• Understand your user's behavior and reduce friction in the digital journey, without compromising security.
• Treat fraud prevention as a competitive advantage: well-orchestrated solutions increase security, reduce losses, and improve the shopping experience.
*The survey only considers transactions carried out between 00:00 and 12:00 on 11/28/2025 analyzed by Serasa Experian.
