Cybercriminals are using AI to craft personalized scams, making phishing emails and fake ads harder to detect. All online shoppers are at risk this holiday season.
HOUSTON — This year, artificial intelligence is making scammers more dangerous than ever. Cybersecurity experts say AI is helping fraudsters create personalized, realistic-looking emails, texts, and social media ads, making it harder for shoppers to spot scams.
According to Check Point Software Technologies, just this year, more than 33,000 Christmas-themed phishing emails and over 10,000 scam social media advertisements have already been identified. These scams are not limited to a single demographic.
Security architect manager in the Office of the CTO at Check Point Software Technologies, Aaron Rose, says almost anyone shopping online, checking package deliveries, or browsing social media is a potential target.
“They’re targeting everyone. I don’t know too many people that don’t have an Amazon Prime subscription. So, that’s a nice and easy target. And of course, with the holidays, everyone is shopping for gifts for their loved ones,” Rose said.
Traditionally, scammers used a “spray and pray” approach, sending one message to millions of people in the hope someone would fall for it. With AI, however, Rose says scammers can analyze large amounts of data and craft messages that appear customized to the recipient, increasing the likelihood of success.
“They’re taking one template, one email, one message, maybe a few variations, and they’re just sending it out to thousands, if not millions of people,” Rose said.
Cybersecurity specialists say the scams shoppers are most likely to encounter include:
- Fake delivery notifications – Emails or texts claiming a package is delayed or on hold, asking recipients to confirm their address.
- Bogus retail websites – Fake websites impersonating major brands like Amazon, Apple, or Lululemon.
- Social media giveaways and holiday promotions – Posts promising free gifts or prizes that direct users to phishing sites.
Experts recommend staying alert for subtle warning signs that a message may be a scam:
- Suspicious URLs – Look for misspellings or unusual web addresses.
- Unusual payment requests – Scammers often ask for payment via gift cards, wire transfers, or cryptocurrency.
- New or recently created accounts – Social media accounts that are only a few weeks or months old can indicate a fake profile.
Other indicators include emotional messaging designed to rush you into acting, particularly during the holidays, and a lack of genuine customer support, with only chatbots instead of real contact numbers.
“If it’s on social media, of course, pay attention. If it’s a new account, or maybe an account that’s only been open for maybe 60 or 90 days, that’s a huge red flag,” Rose said.
If you realize you’ve clicked a suspicious link or shared personal information, act quickly. Experts advise contacting the legitimate retailer immediately, setting fraud alerts with your bank, and reporting the incident to law enforcement. The sooner you report it, the better your chances of minimizing damage and potentially recovering lost funds.
“There actually is something that we can do about it, but time is critical. The quicker you can involve law enforcement, the better the outcome is going to be for you,” Rose said.
Got a news tip or story idea? Email us at newstips@khou.com or call 713-521-4310 and include your name and the best way to reach you.