With 60% of online shoppers relying on their vigilance to spot a scam, sales get risky – here's how to stay safe

As the winter sales season approaches, Kaspersky conducted a survey* to examine consumer cybersecurity practices employed during online shopping. The findings show that 97% of respondents demonstrate a substantial level of awareness of online security risks and implement at least some measures to safeguard their digital transactions.

However, the survey found that fewer than half the participants use dedicated security software to block phishing attempts and protect payment transactions. This concerning trend is particularly pronounced among the older generation (55+), with only 32% of respondents in this age group actually using security software when making online purchases.

The most commonly adopted security protocols include being vigilant about potential warning signs, such as suspicious hyperlinks or unusual website design (65%) and verifying seller authenticity (62%). Kaspersky experts emphasize that while these practices are essential protective measures for online shopping, they constitute only foundational protection strategies rather than the comprehensive fraud prevention provided by a security solution. 

Other steps that could protect online shoppers, like using a separate credit card for digital purchases or using a separate email address to register with unfamiliar online shops, were chosen by 33% and 26% of survey participants, respectively. Meanwhile, 30% claimed to consult with friends and relatives before making a purchase. Interestingly, this option is highly popular among the younger generation, with 37% opting for it, while it is less common among older people (21%).

“Throughout the year, we’ve observed that online shoppers have consistently beenone of the most desirable targets for scammers. During sales periods, their scams can become even more pervasive. Staying vigilant is crucial, but protecting yourself requires more than just awareness. It is particularly concerning how scammers are now using AI to craft more sophisticated, targeted phishing attempts that are increasingly difficult for regular users to recognize,” comments Olga Altukhova, Senior Web Content Analyst at Kaspersky. 

How to shop online without getting scammed

Sales seasons are peak times for scammers. To protect yourself against emerging threats, implement the following security practices:

• Never save your full credit card details on websites unless absolutely necessary.
• Consider using a separate debit card specifically for online purchases and set up transaction alerts on your bank and credit card accounts.
• Be extra cautious of "flash sales" that seem too good to be true. Watch out for websites that pressure you into making quick decisions, and be wary of sellers who refuse returns or exchanges.
• Use different passwords for each online account and enable two-factor authentication wherever possible.
• Apply a security solution with a strong anti-phishing component. For instance, Kaspersky Premium received the annual 'Approved' certification from the leading testing lab AV-Comparatives in 2025. It was awarded to Kaspersky Premium for detecting 93% of phishing URLs, demonstrating outstanding anti-phishing capabilities, powered by AI technology, and a commitment to safeguarding users’ digital lives and privacy.
• Scammers constantly evolve their methods, so staying informed about new phishing techniques can help you recognize and avoid them. Security blog will help you keep your finger on the pulse of emerging cyberthreats.

*The study was conducted by Kaspersky’s market research center in November 2025. A total of 3000 respondents from 15 countries (Argentina, Chile, China, Germany, India, Indonesia, Italy, Malaysia, Mexico, Saudi Arabia, South Africa, Spain, Turkey, the United Kingdom, and the United Arab Emirates) took part in the survey.