December 1, 2021

‘Tis The Season to Be Scamming: DNSFilter Predicts Online Scams

Malicious sites using Amazon’s name have skyrocketed since early November. Data collected by DNSFilter shows the average DNS query to malicious Amazon sites increased more than 111x in November compared to the previous months, just in time for the holiday season.

Washington, D.C. <Dec. 1, 2021> -- The holiday season means shopping for gifts and finding the best deals. However, it is also the season for many to become prey to online scams. DNSFilter ( the leading AI-based DNS security company wants users to be aware of the potential security threats that can arise during the holiday season. 

According to a 2020 Experian survey, 1 in 4 Americans reported falling victim to fraud during the holidays. These holiday threats come in different formats, but an increasing trend is creating “dupe” sites mimicking brands and retailers and offering special deals to lure in consumers. In November, access to shopping on the DNSFilter network increased around 9.81%, while access to shopping sites also categorized as phishing increased 6x. 

"Online shopping continues to grow and consumer trust in eRetailers is high. This makes holiday and shipping-related sites especially nefarious as vectors for malware, ransomware, and phishing. In addition to dozens of festive scam sites identified by our domain intelligence, we're also seeing new ransomware kits that leverage concerns about shipping slowdowns and supply chain issues over the holidays. It is critical for businesses to have DNS protection in place to protect users who may be doing holiday browsing, or package tracking, on a company computer,” said Jen Ayers, Chief Operating Officer and cybersecurity industry veteran.

Online Shopping and Shipping Are Top Targets 

Based on data gathered by DNSFilter, queries on their network to malicious Amazon sites increased more than 111x in November 2021. This includes scams mimicking freight and shipping services that Amazon provides, in addition to fake gift card giveaways and login pages.

During a season where logistics and delivery services are at an all-time high, companies like DHL and FedEx are also victims of typosquatting and domain spoofing. The number of malicious FedEx domains encountered in November increased over 14% compared to the previous period, and nearly 13% more DHL malicious domains were identified on the DNSFilter network.

Over the last few years, the percent of shopping traffic on the DNSFilter network continues to increase. Before Thanksgiving and Black Friday in 2019, shopping represented 10.69% of the DNSFilter network compared to 13.81% in 2020. In 2021, access to shopping sites represented 19.46% of their network.

The company also noted an increase in DNS queries to sites that include the terms “Christmas” and “BlackFriday.” Scams taking advantage of the keyword “BlackFriday” ranged from niche, such as a site “selling” Doc Martens, to broad “Black Friday Always” sites. Scams found leveraging “Christmas” claimed to sell Christmas sweaters, ornaments, and one even mimicked a German bank. 

By bringing awareness to these potential threats, consumers can prepare to have a safe holiday season without falling victim to online fraud. For more information on DNSFilter’s findings visit

About DNSFilter

DNSFilter is a venture-backed startup providing edge-layer security via DNS. They protect over 15,000 organizations from ransomware, phishing, botnet, and other cybersecurity threats—all while running on the fastest network within the DNS security industry. DNSFilter identifies threats up to 154 hours faster than competitors and uniquely categorizes more than 61% of domain-based threats, including zero-day threats.

Media Contact

Jillian Kossman

Read More on DNSFilter

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.

Secure Your Organization Without Slowing Down

Content filtering for end-user protection. Block security threats and inappropriate content with DNSFilter.