.
Image: Simphiwe Mbokazi
Black Friday is now the biggest weekend in South African retail, both online and offline. With over a billion e-commerce transactions annually and a 30% surge in sales during the Black Friday Cyber Monday window, retailers are gearing up for record-breaking demand.
So are cybercriminals.
Gone are the days when spotting a scam meant scanning for typos. Today’s threats are industrial-grade: AI-generated phishing emails, deepfake customer service calls, fake payment portals that look pixel-perfect, and bots capable of mimicking real user behavior.
And according to the newly released Sumsub Identity Fraud Report 2025–2026, Africa is now one of the world’s most active, and fastest evolving fraud battlegrounds.
Sumsub’s data paints a clear picture: while “low-effort” scams are declining across the continent due to better verification systems, fraudsters have simply changed tactics. Scammers are now deploying AI to scale attacks, produce credible deepfakes, and build synthetic identities.
Key African deepfake surges in 2025:
Zambia: +967%
DR Congo: +367%
Malawi: +325%
Tanzania: +317%
Kenya: Deepfakes make up nearly 10% of all fraud attempts
Across the continent, 24% of people admit they can’t reliably identify a deepfake, while one in five have already been targeted by one.
“AI reshapes both offence and defence,” says Pavel Goldman-Kalaydin, Head of AI/ML at Sumsub. “Attackers gain deepfakes, synthetic IDs, and autonomous fraud agents. Defenders gain behaviour modelling and millisecond anomaly detection.”
It’s an escalating arms race, one that will peak precisely when Black Friday hits.
Retailers are under pressure, systems are overloaded, customer service queues are long and consumers are rushing through checkouts looking for the fastest, and cheapest deal available. This is exactly when phishing attacks spike.
Cybercriminals target:
Customers with fake order confirmations, promo codes, delivery updates, and cloned websites
Retailers with bogus supplier invoices, CEO impersonation emails, and fraudulent refund requests
With the help of AI, these attacks now perfectly mimic brand tone, design, and domain structure.
“Fraudsters are moving from high-volume, low-effort scams to highly targeted, AI-driven operations,” Hannes Bezuidenhout, VP for Sales Africa at Sumsub noted.
“Africa’s story is not only about exposure, it is about resilience and innovation.”
Some markets saw dramatic declines in fraud thanks to regulation and improved verification:
Nigeria: −54% YoY
Algeria: −60%
Kenya: −42%
South Africa: −31%
But victory comes with a twist: as basic fraud gets harder, fraudsters have pivoted to deepfakes and synthetic IDs—the advanced, AI-powered strain of cybercrime.
SA saw deepfake attacks jump 269% YoY, despite an overall drop in fraud rates.
In her Black Friday digital safety briefing, Dr. Belinda Rathogwa, Head of Digital & eCommerce at Standard Bank, highlighted that the biggest threat to consumers is urgency.
“Cybercriminals know people are rushing. The moment you feel pressured, by a countdown timer or an unbelievable deal, you’re at your most vulnerable,” she explained.
Based on insights from Standard Bank experts and Sumsub’s continental data, here’s how to stay safe:
1. If a deal looks too good to be true, it is. Scammers love big-ticket items: TVs, smartphones, gaming consoles. Anything claiming 50%–70% off from unknown sellers should trigger immediate suspicion.
2. Never click on promotional links. Instead of tapping an email or ad, type the retailer’s URL directly into your browser. Most Black Friday scams succeed through link-based phishing.
3. Use secure payment methods, and never share your OTP.
Your bank will never ask for your:
One-time pin
Password
Card CVV
Mobile banking access
Avoid public Wi-Fi for purchases.
4. Don’t overshare your personal data. A retailer does not need your ID number or date of birth to sell you a toaster.
5. Keep your devices updated. Delaying updates is one of the easiest ways to expose yourself to malware.
For businesses, one employee falling for a phishing email can trigger:
Ransomware shutdowns
Fraudulent payments
Loss of customer trust
POPIA-required breach notifications
Higher post-incident resignation rates
For consumers, the risk is simpler: losing money, losing access to accounts, and in many cases, being pulled into a “money mule” scheme without realising it. One in four Africans has already been targeted for money muling, according to Sumsub.