As agentic commerce takes hold, retailers are entering a new phase of automation, where AI agents act on behalf of real users to browse, compare, and buy. But these same capabilities can be weaponized by fraudsters.
This Black Friday, the challenge isn’t stopping bots; it’s distinguishing between legitimate agent-driven interactions and malicious automation designed to mimic them.
Identity amid rising automation
That distinction matters most at the account layer, where retailers must verify identity amid rising automation. Legitimate agents assisting users and malicious bots probing for vulnerabilities follow similar account creation and login paths.
Against this backdrop, the 2025 assessment shows that 64% of retailers remain vulnerable to fake account creation, and more than half are exposed to account takeover attacks due to weak login protections.
Stolen accounts, drained gift cards, and real shoppers
What’s more, many of the same vulnerabilities observed last year remain unaddressed.
The result? More stolen accounts, drained gift cards, and real shoppers forced to battle bots for this year’s hottest gifts — right in the middle of the holiday rush.
Key findings of DataDome Advanced Threat Research
Using open-source bot frameworks with minimal configuration, DataDome Advanced Threat Research conducted security tests across 11 major e-commerce sites to evaluate how well these platforms protect against automated account abuse. The results show widespread vulnerabilities that leave retailers exposed.
Fake account creation remains alarmingly easy
- 64% of retailers are vulnerable to mass fake account creation
- 73% accept disposable emails, allowing attackers to spin up unlimited accounts using temporary inboxes
- Only 27% of assessed retailers implement effective bot detection that successfully blocks automated account creation
- 36% of retailers have no MFA in place, leaving account creation flows dangerously open
Login protection remains weak
- 82% allow automated login attempts without challenge
- 64% have no account lockout controls, exposing them to credential stuffing attacks
These weak points provide ideal conditions for AI-driven attackers to scale their operations without being flagged; executing targeted login attempts, spinning up fake accounts, and interacting with security flows more like humans than bots.
Implications & risks
- Mass fake account creation: Fake account creation remains the most widespread and damaging threat leading up to Black Friday. Attackers use disposable email domains and simple aliasing techniques (like Gmail’s “dot” and “plus” tricks) to generate hundreds of accounts from a single inbox. Combined with automation and now AI agents that simulate real user input, these fake accounts are created at scale and often pass verification unnoticed. Once created, these accounts are used to bypass purchase limits, hoard high-demand inventory, and repeatedly redeem promotions or referral codes. The financial damage can be substantial; retailers stand to lose $50,000 – $500,000 per campaign to fraudulent promotions and resale-driven inventory grabs.
- Credential stuffing & account takeover: Credential stuffing remains a high-impact, low-visibility threat. With 55% of retailers failing to enforce account lockout or detect bot logins, attackers can quietly test stolen credentials at scale. AI agents heighten this risk, as they adapt login attempts based on platform responses, avoiding detection and increasing takeover success rates. Once inside, fraudsters exploit stored payment data, loyalty points, and user trust.
- The new risk of credential sharing in agentic commerce: According to Gartner, 90% of organizations that allow users to share credentials with AI agents will experience three times more account takeover incidents by 2028. Yet 36% of U.S. adults already say they’re interested in letting an AI agent shop or transact on their behalf. That tension—between convenience and control—will define the next wave of fraud risk. Retailers need to decide not only how to detect stolen credentials, but how to safely enable trusted agent access without opening the door to large-scale credential abuse.
- Disposable emails to bypass MFA: With 73% accepting disposable email domains, these platforms allow attackers to fully bypass MFA protections using throwaway addresses that are easy to automate and verify. The result is a false sense of security: accounts appear protected, but in practice, they’re wide open to mass fake account creation.
Recommendations: Fast fixes before Black Friday
Retailers still have time to close the most critical gaps before traffic surges. To mitigate the above risks, retailers can take steps to enhance their security posture:
- Block disposable email domains. This single change can reduce fake account creation by up to 80-90%.
- Implement email normalization. Removing “dot” and “plus” variations from Gmail addresses can cut multi-account abuse by as much as 70%.
- Implement account lockout: After repeated failed login attempts, account lockout is essential to stop credential stuffing attacks.
- Implement the disallow directives in robots.txt and deploy a robust bot management solution to actively detect and block sophisticated, malicious traffic from AI agents.
Vulnerable to automated account abuse
The e-commerce industry shows a concerning trend: while a handful of pioneering retailers have implemented sophisticated, multi-layer defenses, the majority remain vulnerable to automated account abuse, mass fake account creation, and credential stuffing attacks.
The assessment revealed that 64% of platforms fall short of baseline protections, and 18% are so exposed they lack even the most basic safeguards.
Conclusion
Black Friday 2025 carries a high risk of widespread fraud, ranging from hundreds of thousands of fake accounts to large-scale account takeovers.
The good news is that most critical vulnerabilities can be resolved within 24 to 48 hours; retailers who act now will be in a strong position to protect revenue, preserve trust, and stay one step ahead of AI-driven threats during the year’s most important sales window.