IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Brad perriott
#
Data Protection
#
CX
#
Phishing

What holiday trading strength means for modern retail cyber readiness

Mon, 15th Dec 2025
By Brad Perriott, ANZ Country Manager, SentinelOne

This year's Cyber Weekend was one of Australia's biggest on record. The Australian Retailers Association estimated Australians were set to spend $6.8 billion across Black Friday and Cyber Monday alone  - a 4% jump from last year and a critical injection of momentum for retailers ahead of Christmas. Six million Australians planned to shop the sales, and the motivations were clear: value, reliability, and trusted retail experiences at a time when cost-of-living pressures continue to bite.

A strong Cyber Weekend is often a prelude to even higher online activity in December, as shoppers continue hunting for gifts, tracking deliveries, and turning to unfamiliar retailers when stock runs low. This sustained surge creates a prolonged window of opportunity for cybercriminals which begins earlier, lasts longer, and hits harder due to the rise of AI-enabled scams.

AI has changed the retail threat environment

A few years ago, most online scams were easy to spot. Poor grammar, odd formatting, and generic messaging gave away even the more determined attempts. That advantage is gone. AI has enabled scammers to create messages, websites, and fake ads that are harder to distinguish from legitimate retail communication. Well-crafted "order updates," "delivery issues," or "exclusive offers" now land in inboxes looking completely credible. Fake online stores can be spun up in minutes and customer service impersonations sound articulate and convincing.

This matters because volume is the cybercriminals' greatest weapon. AI has made it cheap and fast to generate hundreds of tailored lures at once, each polished enough to pass as genuine, particularly when shoppers are distracted, rushed, or in a peak-season mindset.

New channels, sharper tactics

AI-driven scams are now appearing in the same places customers expect to interact with retailers. Inboxes and messaging apps are a major entry point: shoppers waiting for parcels are far more likely to click an update or verify a delivery. Social media feeds present another challenge, with scammers buying ad placements to promote fake discounts or counterfeit sellers. In search results, malicious sites are being boosted through paid placements or manipulated SEO, sometimes sitting above legitimate retailers.

None of these tactics are entirely new, but how credible, personalised, and scalable they have become certainly is.

How shoppers can protect themselves

While technology continues to evolve, the fundamentals of safe online behaviour remain effective. Slowing down before clicking, navigating directly to a retailer's official site, and using secure payment options dramatically reduce the chances of falling victim to a scam. Shoppers should also look closely at URLs, avoid unfamiliar checkout processes, and rely on bank or app alerts to identify unusual activity early. Trusted retailers already invest heavily in making these signals clear, so customers simply need to follow them.

Retailers' role in keeping the season safe

For retailers, the weeks after Cyber Weekend are just as critical as the event itself. With threat actors actively exploiting gaps in websites, plugins, payment systems, and customer-facing tools, the margin for error is small. Strong patching practices, continuous monitoring for brand impersonation, and well-trained staff are essential in preventing attackers from getting a foothold. Beyond that, protecting customer data through modern access controls and adopting security models that assume threats may already be present can significantly reduce exposure.

The highest-performing retailers understand that cyber safety is now part of the customer experience. A breach at this time of year is costly and erodes trust during the most commercially important trading period.

December demands a different level of vigilance

Cyber Weekend may be over, but the threat window is entering its most active phase. Shoppers are engaged, online spending is sustained, and digital touchpoints multiply as Christmas draws nearer. For cybercriminals, this is a peak opportunity. For retailers, it's a moment to reinforce resilience.

The message for the sector is simple: the success of Cyber Weekend shows Australians are ready to spend, but keeping that momentum safe requires a sharper, more proactive approach to cyber risk. AI has raised the stakes. A cautious shopper and a well-prepared retailer are now the strongest partners in ensuring the season ends on a high note rather than a costly one.

Related stories
Radix honoured for digital transformation in industry
CrowdStrike gains ISO AI governance boost for Falcon
Integrated Quantum unveils quantum-resilient AI data layer
Check Point unveils AI-ready continuous exposure management
ControlUp unveils multi-tenant DEX platform for MSPs

Top stories

AI data matching: boosting accuracy & cutting costs
UK bill accelerates shift to offensive cyber security
Komodor bolsters leadership for AI driven SRE growth
Cyderes names Lana Knop Chief Product Officer for AI push
Canada’s AI push hinges on data centres & clean power