At this point, AI is unavoidable in day-to-day life and according to new data from the cybersecurity firm Kaspersky, 72% of consumers have used AI and a third of them rely on it for everyday tasks like creating shopping lists and budgeting. You may not even think that you’ve relied on an AI for shopping but if you’ve used a virtual “try-on” feature, or a shopping agent on a website, you’ve used AI.
As we approach Black Friday, plenty of shoppers are using AI as a deal hunter or for price comparisons. While AI is more than capable of handling those tasks, plenty of people use it for more complex ones too. If delegated a command, agentic AI can perform a shopping chore for you from start to finish. For instance, you could tell it to watch the prices for a new iPad and tell it to purchase one for you automatically when the price falls into a particularly good range.
Companies aren’t missing out on what AI tools have to offer, either. Brands and storefronts use AI tools in order to shape and tailor the shopping experience that they provide to their customers. From personalized product recommendations to AI-powered chat assistants, there are plenty of opportunities for brands to use this tech to give shoppers options – even going so far as allowing them to buy and browse products through chatbots like with ChatGPT Agent.
AI isn’t just for shoppers
Shoppers aren’t the only ones who are taking advantage of AI this year as we approach the holiday shopping season. Cybercriminals also employ AI tools to create online scams and phishing attacks so they can trick shoppers into giving out their personal information like credit card details, usernames and passwords and more.
Threat actors can also use prompt injection techniques to confuse AI models into redirecting users to malicious websites. From there, users may unknowingly enter their details which can lead to financial fraud or even identity theft.
Even without prompt injection and LLMs being involved, scammers have long been able to impersonate retailers and send phishing emails to your inbox. These messages will often offer “exclusive discounts” or “limited prizes,” to entice recipients into clicking through. Last year, Kaspersky reported a 25% surge in retail focused cyberthreats in the days leading up to Black Friday.
How to stay safe when using AI to shop online
Kaspersky’s security researchers have highlighted several examples on how to stay safe while using AI tools to shop, browse and complete purchases ahead of – and during – Black Friday.
One of the top tips is to make prompts to your AI assistant as detailed and well thought out as possible. Avoid general “find me good deals on computers” style prompts, and instead clearly and specifically state what you need.
Here’s an example prompt provided by the firm’s security experts:
“Act as my trusted personal shopping assistant. Find three laptops from major, reputable retailers like Apple, Amazon or Dell with an average customer review of four stars or higher. Exclude any sellers with less than 1,000 reviews. For each, list the product name, key specs, current price and a direct link to the product page on the official retailers site. Ensure that all deals are valid for Black Friday 2025.”
At the same time, you also want to be cautious sharing with an AI: don’t grant your AI access to payment details or browser extensions unless it’s from a highly reputable and established company. Make sure that your accounts are protected with two-factor, or multi-factor, authentication, and always use a credit card (or trusted payment platform) for the increased security features and fraud protection.
From there, you want to check URLs to make sure they’ll lead you to the correct company and to be extra safe, enter them in manually instead of clicking on sponsored results from a search engine. Obviously, you should never, ever enter any information onto a site that you were taken to from a unsolicited link that was sent to you via email, text or social media ads, no matter how compelling the offer seems. Instead, head directly to the retailers official website and try to find the deal there. If you can’t, you just avoided what was likely a scam.
In order to stay protected, you should be using the best antivirus software and make sure that it has anti-phishing protection and that you’ve enabled it. Many antivirus suites also have payment protection or online shopping features that can be turned on, too. Keep in mind that many antivirus programs will also use AI-powered tools, so you can use the same technology hackers are using to fend them off and avoid their attacks.
Follow Tom’s Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
More from Tom’s Guide
