Cybercriminals step up festive season scams as Indians prepare for Diwali

During the festive season, a surge in online shopping driven by discounts, convenience, and smartphone use has escalated risks, with 96% worried about scams—including AI-driven attacks and deepfake endorsements—amid an average of 12 daily scam attempts targeting consumers

As India gears up to celebrate Diwali, cybercriminals are intensifying efforts to exploit the festive shopping frenzy. New research from McAfee, a global leader in online protection, reveals nearly one in three Indians have fallen victim to holiday scams, with over a third losing money. The study highlights how evolving threats such as deepfake celebrity endorsements, phishing texts, scam emails, and one-time password (OTP) frauds are increasingly targeting enthusiastic shoppers seeking festive deals.

Online festive shopping soars, alongside rising risks

The festive season in India has witnessed a marked shift towards online shopping, driven by attractive discounts, convenience, variety, and faster delivery. According to McAfee’s research, 64% of shoppers choose e-commerce platforms for better discounts, 60% for convenience, 52% for variety, and 51% for quicker deliveries. Smartphones have become the primary shopping device for 77% of consumers, with those aged 25 to 44 leading this digital shopping boom.

However, this surge in online activity has also escalated risks. McAfee found that a staggering 96% of Indians are concerned about online scams during festive sales. AI-driven scams, in particular, have raised alarm, with 72% of respondents reporting increased worry compared to the previous year. Consumers are bombarded daily with an average of 12 scam attempts through texts, emails, and social media ads. Deepfake endorsements and fake e-commerce sites are making it increasingly difficult to separate legitimate offers from fraudulent ones.

Common scams and how shoppers can protect themselves

Among the scams plaguing Indian shoppers, deepfake content is especially pervasive, with 69% encountering fake celebrity endorsements designed to trick buyers into sharing personal data or making fraudulent transactions. Fake websites and phishing texts use urgent messages like “refund notifications” or “delivery updates” to lure victims into clicking malicious links. OTP scams remain widespread, where fraudsters impersonate delivery personnel or customer service agents to extract one-time passwords, enabling unauthorized account access.

AI-powered social media bots and fake investment platforms are also contributing to the rise in cyber threats, along with voice assistant hacks that facilitate unauthorized purchases.

McAfee’s Senior Director of Engineering, Pratim Mukherjee, emphasizes, “The festive season is a time of joy and giving, but it has also become a target for scammers. By taking simple precautions such as verifying websites, securing devices, and staying alert, shoppers can protect themselves and keep the spirit of the season intact.”

To counter these threats, 98% of Indian consumers plan to adopt safer practices like shopping only on trusted websites, using strong passwords, and verifying suspicious messages directly with retailers.

Staying safe this festive season

McAfee advises shoppers to stay vigilant by verifying all communications, enabling two-factor authentication, monitoring financial statements, and avoiding clicking links from unknown sources. Consumers should be cautious of messages that pressure immediate action, request payment via gift cards or wire transfers, or insist on secrecy.

Using AI-powered scam detection tools like McAfee’s Scam Detector can help flag suspicious activity before damage occurs. Above all, trusting one’s instincts remains a critical defense—if an offer feels too good to be true, it likely is.