The 2025 holiday shopping season is expected to bring record retail spending, with US sales projected to surpass $1 trillion USD for the first time. At the same time, this surge in online activity and spending creates a lucrative environment for financially motivated threat actors.
As cybercriminals intensify their efforts to exploit the holiday season, Flashpoint shares the top cyber and physical threats that people can expect this holiday season:
QR Code Fraud
The core technique involves creating convincing fake QR codes, often leveraging readily available public QR code generators that redirect victims to malicious sites.
Gift Card Draining
The widespread popularity of gift cards has made them a prime target for organized financial crime, specifically for financially motivated organized fraud groups.
The process is highly organized: first, they lift and reseal the protective sticker to obtain the PIN and card number. Then, the fraud operators leverage specialized software to monitor the card’s status. The moment a consumer purchases and activates the card at the register, the funds are instantly drained.
Phishing and Social Engineering
Flashpoint expects threat actors to deploy highly tailored phishing emails and text messages designed to steal sensitive information such as login credentials and financial details from unsuspecting retail employees and shoppers.
Crowds and Physical Violence
While the digital domain encapsulates most of the threats in the 2025 holiday season, large holiday events and public gatherings—such as Black Friday doorbusters and the Macy’s Thanksgiving Day Parade in New York City and various European Christmas markets or Hanukkah events—may become targets, as global social and political tensions remain heightened.
This entry was posted on November 18, 2025 at 8:38 am and is filed under Commentary with tags Flashpoint. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
2025 Holiday Threat Assessment From Flashpoint
The 2025 holiday shopping season is expected to bring record retail spending, with US sales projected to surpass $1 trillion USD for the first time. At the same time, this surge in online activity and spending creates a lucrative environment for financially motivated threat actors.
As cybercriminals intensify their efforts to exploit the holiday season, Flashpoint shares the top cyber and physical threats that people can expect this holiday season:
QR Code Fraud
Gift Card Draining
Phishing and Social Engineering
Crowds and Physical Violence
A full blog post has been published on the topic:
Share this:
Like this:
Related
This entry was posted on November 18, 2025 at 8:38 am and is filed under Commentary with tags Flashpoint. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.