Over-confident consumers putting their online safety at risk, finds new KPMG UK research

  • Data reveals that 90% of consumers are confident at recognising a fraud or phishing attempt via email, and 89% of people think they could recognise fraud or phishing in text message.
  • This is a huge jump from last year, when just less than 70% of respondents said they would be able to identify an SMS or website-based scam.
  • 30% of respondents said they would find proactive communication about how retailers are protecting them from fraud annoying.
  • And 42% of 18–24-year-olds are more likely to use an online retailer if they knew it had previously been hacked and/or suffered a data breach.

New research, commissioned by KPMG UK and conducted by OnePoll, shows a huge jump in consumer confidence in their ability to protect themselves from online fraud and scams, ahead of peak online shopping event, Black Friday.

The survey revealed that 90% of respondents would be confident at recognising a fraud or phishing attempt via email, and 89% said they could recognise fraud or phishing in a text message. In the 2020 version of the survey, just less than 70% said they would be able to identify an SMS or website-based scam, demonstrating a huge jump in confidence over the last twelve months. This can be partly attributed to consumers being more familiar with online shopping today, having been forced to use the internet for most purchases during the pandemic.

Two-thirds (62%) of respondents said the amount of shopping they do online over the last 18 months has increased, and a third (33%) browse and purchase most of their goods online. This combination of people shopping more online, fraud attempts going up and consumers’ complacency of their online security is exposing them to huge risk.

Connect with us

Save, Curate and Share

Save what resonates, curate a library of information, and share content with your network of contacts.

Commenting on the findings Martin Tyley, Head of UK Cyber KPMG UK said:

“In the corporate world, we see up to a quarter of employees clicking on simulated phishing attacks – while there is perhaps less personal accountability when it comes to cyber security in people’s corporate life versus their home life, these figures still raise concern that consumers are vastly overestimating their ability to spot fraud when doing their Black Friday shopping online.

“Conversely, throughout COVID-19 we have seen the relentless rise of text message scams – it may be that current education initiatives to drive awareness of this crime have had the desired effect.”

The data also revealed that consumers are split on how they want to be made aware of scams and fraud, with some finding proactive warnings and advice irritating. When asked if an online retailer were to contact them to explain how they are protecting them from fraud, 30% of respondents said that they would find it annoying and would be less likely to use the retailer. Only 36% thought it would be helpful and they would be more likely to engage with the brand. This presents companies with a challenge of how to accommodate consumer preferences whilst also keeping them safe online.

In the survey, 42% of 18–24-year-olds stated that that they were more likely to use an online retailer if they knew it had previously been hacked and/or suffered a data breach, compared to 2% of 55–64-year-olds and 6% of those aged 65 and over. This implies that younger people assume that the organisation in question would have boosted their security measures following an attack. It may also be that some younger, digitally native people have a limited understanding of the risks associated with a data breach, given how much personal information they willingly share on social media and other online platforms.

Tyley adds: “This presents an interesting position for any organisation with a large younger audience that has been hacked. With this demographic more willing to forgive and forget, there is an opportunity for brands to quickly rebuild trust with these customers by communicating what has been done post incident to improve online security.”



The research was conducted by One Poll on behalf of KPMG UK, with 2,000 UK consumers being interviewed between 12th – 16th November, 2021.



KPMG LLP, a UK limited liability partnership, operates from 21 offices across the UK with approximately 16,000 partners and staff.  The UK firm recorded a revenue of £2.3 billion in the year ended 30 September 2020.

KPMG is a global organisation of independent professional services firms providing Audit, Legal, Tax and Advisory services. It operates in 147 countries and territories and has more than 219,000 people working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients.



Lizzy Chesters – Media Relations Manager

T: +44 (0)20 3078 3732

E: lizzy.chesters@kpmg.co.uk


KPMG UK Media Relations Team:

T: +44 (0) 207 694 8773