Five Types of Shoppers You’ll Find This Holiday Season (and the Cyberscams They Must Watch Out For)

SINGAPORE, Dec. 12, 2022 /PRNewswire/ — With the holidays around the corner, we’re smack in the middle of every shopper’s favourite season. Big sales days like Singles’ Day, Black Friday, Cyber Monday, and 12.12 all offer many great opportunities for shoppers to get their fill of good deals. 

Akamai Technologies, Inc., the cloud company that powers and protects life online, shares five common shopper profiles observed during the year-end shopping period and the cyberscams they should watch out for to help consumers and businesses identify potential blind spots, and learn how to protect themselves this holiday season.

“The number of cyber-attacks continues to rise and mutate all the time. In 2022, the most alarming has been the sharp increase in malicious bot attacks, where we recorded a three-fold increase of such attacks. What this means for the retail industry is the likelihood of increased credential stuffing, where attackers use lists of compromised user credentials to breach into a system and data scraping attacks, the process of importing information from a website into a spreadsheet or local file saved on your computer,” said Dean Houari, Director of Security Technology and Strategy, APJ, Akamai.

“It is no surprise that attackers are looking to take advantage of the flurry of peak retail activity online during the extended shopping festival season since there’s much to gain financially, especially in Asia that accounts for approximately 60 percent of global ecommerce sales. It’s essential that both shoppers and retailers work together to learn how to watch out for scams and protect themselves,” he continued.



You can spot a planner miles away! Planners have their presents wrapped and ready, months before the holidays. Making and planning purchases well ahead of time, Planners often save their credit card information, log ins and other personal information on shopping sites.

Most likely to fall for: Credential Stuffing
During such attacks, attackers use lists of compromised user credentials to breach into a system via malicious bots, based on the assumption that many users reuse usernames and passwords across multiple services.

Tips to protect against credential stuffing:

Be wary of saving payment details on merchant websites. While this may be convenient, it can leave data vulnerable if the merchant is breached. Practice good password hygiene, by setting up different passwords for different sites. Better yet – use a password manager to set up unique, difficult-to-guess passwords.

The opposite of Planners, Last-Minute Shoppers often remember its sale day on 11.11 or 12.12 itself, just before the clock strikes midnight. They snag their deals, but it’s always down to the wire for them!

Most likely to fall for: Phishing

In their rush, the Last-Minute Shopper is likely to accidentally click on untrustworthy links and fall prey to phishing scams. What appears to be an email from a reputable retailer with a coveted discount may be fraudulent, but the last-minute shopper doesn’t have time to check.

With the rise of online marketplaces, this is becoming more common. Earlier this year, Singapore’s most popular peer-to-peer sales platform was affected when attackers posing as legitimate buyers directed victims to a fake bank website where they would be asked to give their banking details to receive payment. This resulted in at least 72 people losing over $109,000 

Tips to protect against phishing

Verify the validity of sites before clicking on them or providing any personal information. If emails are unsolicited, be alert to any potential errors. Do not proceed if it includes wrong information, or requests to enable macros, adjust security settings or install applications.

3.     The Bargain Hunter
The price point is the most significant purchase consideration for these shoppers, who would sift through various sites to get a substantial deal.

Most likely to fall for: Social Engineering Attacks
Bargain hunters would be likely to click on spoofed emails or accept malicious extensions that function as price comparison tools.

Attackers prey on buyer’s eagerness for a good deal by sending them fake offers that request for their personal data on a page, even impersonating legitimate tools like Google Analytics or Google Tag Manager to compromise code and steal valuable information, impacting shopping sites.

Tips to protect against social engineering attacks

Always verify the validity of the offer and the legitimacy of the sender. Use a good spam filter for emails, as a first barrier of defence against suspicious files and links.

4.     The Impulse Buyer
Driven solely by emotions, impulse shoppers often do not have a specific product in mind before placing an order. They often respond to time pressure to access a coveted item on a limited time offer, at a price too good to refuse

Most likely to fall for: Brand Impersonation Attacks
Via fraudulent links, cybercriminals impersonate popular brands, tricking victims into sharing personal information, buying contraband products, visiting a fake website, downloading malware, and more. Exacerbating these trends is social media, where attackers can easily impersonate brands, engage with customers seeking to purchase items, and request for their personal details.

Tips to protect against brand impersonation

Scrutinize links provided in emails and be on high alert if they are not pointing to the correct location or direct to a third-party site not affiliated with the brand. If in doubt, reach out to the brand on their official channels to verify offers before clicking on any links to make payments. Make sure to check that accounts are verified.

5.     The Researcher
Researchers extensively compare products and offers before purchasing. They often have various browser extensions installed on their browsers to make quick comparisons.

Most likely to fall for: Extension Malware Attacks
Cybercriminals hide viruses behind add-ons, which can then install adverts, gather users’ browsing history, and seek login credentials by impersonating famous apps and extensions. Malicious extensions could go undetected especially if security software programs treat known extensions as trusted applications.

Most recently, attackers have been using information-stealing malware like FB Stealer, which mimics the harmless and standard-looking Chrome extension Google Translate, to prey on users. Financially motivated, attackers after effectively locking a user out of their Facebook account, abuse access to ask the victim’s friends for money.

Tips to protect against extension malware attacks

Only install extensions from official Web stores. If permissions that extensions require even before installing seem suspicious, it’ll be best not to install them.

Retailers must do their part too!
For a cybersafe shopping experience, retailers have a part to play as well.

Attacks on popular retail behemoths in the last few years have revealed important lessons for merchants. Prevention is better than cure. Taking proactive steps to monitor potential threats and being ready to block unauthorised access and keep shoppers safe throughout their retail experience is essential.

“As web traffic increases, attackers similarly increase their attacks. Case in point, malicious bot attacks tripled during Single’s Day last year. These attacks could, immediately or in future, drain customer accounts, damage site functionality, and hold encrypted data ransom — all at enormous costs to businesses,” explained Houari.

“To ensure loyalty long term, retailers must make every effort to keep shopper data safe. This could include deploying a bot solution to stop credential stuffing attempts early and using password managers and multi factor authentication to secure users,” he concluded.

About Akamai
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. With the world’s most distributed compute platform — from cloud to edge — we make it easy for customers to develop and run applications, while we keep experiences closer to users and threats farther away. Learn more about Akamai’s security, compute, and delivery solutions at and, or follow Akamai Technologies on Twitter and LinkedIn.

Contact: Archetype Singapore
[email protected]