They share recommendations for safe shopping during Black Friday and the holiday season

Guatemala, November 2025. Every year, with the arrival of Black Friday, Cyber ​​Monday, and the holiday season, millions of people shop online. However, this is also one of the times most exploited by cybercriminals to carry out digital fraud and phishing, smishing, and identity theft campaigns.

In the context of International Cybersecurity Day , celebrated on November 30 , experts from Sistemas Aplicativos, SISAP, are calling for digital prevention, warning about new forms of fraud and sharing recommendations for safe online shopping.

During 2025, cybersecurity specialists identified a significant increase in the use of artificial intelligence to create more believable and personalized scams . From fake websites almost identical to the originals to automated messages that mimic the tone of well-known brands, criminals are seeking to deceive victims with an unprecedented level of sophistication.

Among the most prominent trends are advanced phishing , where fake emails and websites accurately replicate official portals; smishing , through SMS messages offering fake discounts or non-existent delivery alerts; and OTP code fraud , in which the user is asked to share their verification code to complete a purchase or "confirm an account".

In this context, Esteban Pinetta , A Digital Fraud Analyst at SISAP warns that “ during peak consumption seasons, fraud increases considerably. It is essential to verify that websites are legitimate, be wary of promotions with excessive urgency, and always confirm official channels before making a payment.”

Similarly, businesses must also strengthen their mechanisms for detecting suspicious behavior that identify anomalous patterns and the processes for verifying the identity of the buyer and the devices used .”

Recommendations to avoid falling victim to fraud

SISAP specialists recommend adopting safe digital habits before, during, and after making an online purchase. Verifying that the website starts with https:// and that the domain is legitimate; enabling multi-factor authentication (MFA) for emails and online banking ; avoiding offers that seem too good to be true; checking payment methods; and not sharing passwords or verification codes are some of the essential practices.

In this regard, José Amado , Digital Identities Manager at SISAP, points out that “attackers are leveraging artificial intelligence to create hyper-realistic messages and obtain personal data. The first line of defense is to protect your identity: use multi-factor authentication, review application permissions, and never share passwords or verification codes.”

Amado recommends using debit and credit cards strategically, reserving credit cards for international purchases and large purchases due to the characteristics and potential consequences of each. Check with your bank to see if your card offers additional security features (such as 3D Secure) and how to enable them. Debit cards should be used for cash withdrawals or local purchases, although alternative methods exist for these needs.

In addition, experts recommend protecting devices by keeping the operating system and antivirus software up to date, checking seller reputations on marketplaces, avoiding clicking on links received via instant messaging or SMS, and frequently reviewing bank transactions to detect any irregularities in time.

Businesses and online stores must also redouble their efforts to ensure consumer trust. SISAP suggests implementing fraud detection systems , verifying domain authenticity , and training staff in cyber incident response . Clearly communicating official promotions and legitimate contact channels is also key to preventing impersonation.

In observance of International Computer Security Day , SISAP encourages users to take a few minutes to review their security settings, update passwords, and enable multi-factor authentication. “Digital security is everyone’s responsibility. Being aware, verifying information, and sharing best practices can prevent financial losses and protect our online identity,” Amado concludes.

About SISAP  

SISAP, Sistemas Aplicativos SA, is a company founded in 1985, a leader in the Information Technology and Security market with a presence in 11 countries in the region. It has a broad portfolio of services and solutions focused on information security, with over 1,000 certifications that attest to the quality of service it provides to its clients.  

With over 40 years of experience, they are the leading provider of security solutions and services to clients in Latin America. Their team comprises more than 400 employees (60% of whom are engineers), forensic laboratories, a cybersecurity academy, over 100 partner brands, and various regional offices located in Guatemala, El Salvador, Honduras, Nicaragua, Costa Rica, Panama, the Dominican Republic, Colombia, Paraguay, Mexico, and the United States. For more information, visit www.sisap.com