WASHINGTON, Nov. 03, 2025 (GLOBE NEWSWIRE) -- The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released its 2025 Holiday Season Cyber Threat Trends report, highlighting a sharp rise in fraud and automated bot attacks expected to align with peak seasonal shopping demand across the retail, hospitality, and travel sectors.
The report analyzes threat data from the past two holiday periods alongside current trends, showing that fraud has rapidly escalated to become the most widespread threat facing consumer-facing organizations during Q4. Areas of greatest concern include receipt and return abuse, loyalty and points fraud, refund scams, and bot-driven schemes that rapidly scoop up high-demand items before real customers can buy them.
Information provided by participating RH-ISAC member organizations shows rising concern about account takeover attempts, malicious look-alike domains, and fraudulent ads targeting customers during peak shopping days. Adversaries affiliated with groups such as ShinyHunters and Scattered Spider are expected to intensify extortion operations and exploit third-party vulnerabilities throughout the season.
“The holiday shopping period continues to be the most active fraud environment that we face as defenders,” said Suzie Squier, president, RH-ISAC. “Fraudsters see opportunity in higher transaction volume and operational pressure. Collaboration and rapid intelligence sharing help our community stay ready for what’s ahead.”
According to the report, RH-ISAC member organizations are preparing with company-wide awareness campaigns, incident-response exercises, and expanded use of AI-driven tools to detect anomalous behavior during major shopping milestones such as Black Friday and Cyber Monday.
The report notes that automated attacks during the 2025 season may surge to unprecedented scale, with a predicted 520 percent increase in genAI-driven traffic during the 10 days prior to Thanksgiving. Frontline staff members will face additional challenges in distinguishing legitimate customer issues from fraudulent ones.
High-risk periods identified in the forecast vary by threat category but span mid-November through late December, including elevated spikes in:
- Account takeover attempts that will target retail and quick-service restaurant accounts
- Gift card theft and fraud linked to major sales events
- Retail bot attacks aimed at limited-availability items and loyalty member perks
The full 2025 Holiday Season Cyber Threat Trends report is now available to participating members of the retail, hospitality, and travel cybersecurity community. RH-ISAC continues to unite security teams with intelligence resources, best-practice sharing, and operational collaboration to reduce risk during this year’s busiest consumer period.
About RH-ISAC
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is the trusted cybersecurity community for retailers, restaurants, hotels, travel organizations, casinos, food retailers, consumer products companies, and more. Security teams collaborate at strategic, operational, and tactical levels to strengthen defenses across the entire sector. Learn more at rhisac.org.
Media Contact:
Annie Chambliss
pr@rhisac.org
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/ff59d9a7-3c14-4441-8640-b236da5eae8a
