Holiday shopping is supposed to feel fun, but every year it becomes a playground for scammers. McAfee Labs is now warning that 2025 is shaping up to be one of the worst seasons yet, with cybercriminals cloning big-name brands so convincingly that even tech-savvy shoppers are getting fooled. The research looks at everything from fake Apple store pages to phony Coach bag “drops,” and the results paint a pretty bleak picture of what’s lurking behind those too-good-to-be-true deals lighting up social feeds.
Tech continues to dominate holiday wish lists, so it’s no surprise that scammers are leaning on familiar names. Apple is the top impersonated brand, with criminals spinning up storefronts that look nearly identical to the real thing. Nintendo is close behind thanks to the Switch 2 hype, and Samsung, Disney and Steam also show up constantly in scam URL traffic. These fake pages often copy product photos, layouts and even polished customer-service language, which can easily fool someone browsing on their phone between errands.
Luxury brands aren’t catching a break either. Counterfeit storefronts for Coach, Dior, Ralph Lauren, Rolex and Gucci spiked sharply. Coach alone towers over the rest of the luxury category, accounting for about forty-five percent more scam URLs than any competitor. Scammers know the formula… clean branding, holiday-themed promo graphics and heavy pressure to buy before a “limited drop” ends.
McAfee says the surge in activity started even before the holiday season kicked into gear. Americans are already seeing a flood of ads from unfamiliar retailers, and early-season scam URLs jumped by about ten percent from early October to early November. The combination of AI-generated visuals, rushed shopping and relentless marketing creates a perfect storm where fake sites slip in unnoticed. Many people are uneasy about that shift: fifty-seven percent of Americans say they’re more worried about AI-driven scams this year than last, and plenty admit they’ve bailed on purchases just because something felt off.
One of the standout themes in McAfee’s research is that confidence doesn’t equal safety. A large share of shoppers believe they can spot scams easily, yet twenty-two percent say they’ve already been tricked during previous holiday seasons. The fakes are getting better, and a lot of people browse quickly without paying attention. That’s exactly the environment scammers depend on.
McAfee suggests slowing things down, especially when a message tries to create urgency. Go straight to the retailer’s official website instead of clicking a link in a text or DM, stick to brands you trust and treat any pressure tactics as automatic red flags. Using proper security tools helps too. McAfee’s Scam Detector, bundled in its core plans, scans links and warns users before anything malicious loads. And of course, basic hygiene still matters: turn on two-factor authentication, use unique passwords, watch your credit-card statements and make sure you’re on secure sites before entering personal information.
McAfee Labs based its findings on real web traffic from October through November 2025, zeroing in on brands that scammers tend to copy the most. Researchers queried brand-related keywords to surface malicious URLs and then counted each attempt to visit those pages as a scam hit. The company paired that data with survey responses from more than 8,600 adults across multiple countries to understand how shoppers are feeling this year. Put together, the two sources tell a simple story: people want deals, scammers want victims, and AI is making it easier than ever for the bad guys to look legitimate.
Support independent tech journalism
NERDS.xyz is independently owned and operated. If you enjoy my coverage of Linux, AI, hardware, cybersecurity, and tech culture, consider supporting the site on Ko-fi.
Support NERDS.xyz