Online shopping in Ukraine has become so routine that buying from a phone now often feels no different from going to a store. People sell children’s clothes, buy electronics, order gifts, look for discounts and arrange delivery in just a few messages.
That everyday ease has become the scammers’ greatest advantage. They no longer always need complex technical attacks when they can exploit haste, trust, the desire to sell quickly or the fear of losing a buyer. Phishing is no longer just a fake website; it has become a psychological operation.
Most schemes begin where users feel safe: on a marketplace, in a messenger, in a listing or in a chat with someone who appears to be a real buyer. Then the person is gently moved outside the official platform — to a space where there is no service protection, no dispute rules and no verified payment system.
According to Daycom’s analysis, the main danger of modern online fraud is that it disguises itself as an ordinary digital service. Victims are not offered an obvious scam. They receive a “delivery form,” a “link to receive money” or a “payment confirmation.”
Phishing has evolved together with marketplaces themselves. Fake pages once gave themselves away through poor design or clumsy language. Now they copy logos, colors, button layouts, support messages and even the tone of official delivery services.
Police captain Ihor Chepur, who works in cybercrime prevention in Kyiv, describes phishing as one of the most common schemes targeting users of online platforms. Its purpose is simple: to obtain personal data, bank card details or access to an account.
A separate category is fraud disguised as delivery. A supposed buyer writes to a seller, quickly agrees to the price and sends a link to “arrange a safe transaction.” In reality, the page asks for the card number, expiry date, CVV code or confirmation of a transaction in a banking app.
Sometimes the scheme works in reverse. A person wants to buy an item, sees an attractive price and is asked to make an advance payment outside the platform. The explanation sounds plausible: “to reserve it,” “because there are many interested buyers,” or “to avoid commission.” After the transfer, the seller disappears along with the listing.
Scammers understand that the weakest point is often not the password, but the moment of emotional decision. They create urgency: an account will supposedly be blocked, a buyer “can wait only five minutes,” delivery “must be confirmed immediately,” or a special offer is “valid only now.”
This is social engineering. The victim is not technically hacked; they are pushed into making a mistake. The other person may be polite, persistent, familiar with platform rules and even convincing enough to imitate customer support. That is why not only beginners fall victim.
Active marketplace users are at higher risk: people who often sell items, shop online regularly, look for cheaper options or use several delivery services. The more digital transactions a person makes, the greater the chance of encountering a fake scenario.
New users remain a separate target. They may not yet know that official platforms do not ask people to move to external messengers for payment, do not require a CVV code to receive money and do not send “universal” payment links through random users.
There are several warning signs that should stop a transaction before money is lost. These include a strange domain, a shortened link, errors in the website address, the absence of a secure connection, pressure to act urgently, refusal to communicate through the official chat and any offer to bypass platform rules.
Another serious warning sign is a request to enter full card details in order to receive funds. A transfer to a buyer or seller usually does not require a CVV code, online banking password or confirmation of a suspicious operation. If a website asks for more than necessary, it is not a service — it is a trap.
Banks and marketplaces are gradually strengthening protection. They introduce additional payment checks, automatically block suspicious operations, restrict external links, close fake accounts and run awareness campaigns. But no system can replace user vigilance.
Digital security begins with simple habits. For online purchases, it is safer to use a separate bank card with a limited balance, enable transaction notifications, avoid saving card details on third-party websites and use different passwords for different services.
Accounts also need protection. If a scammer gains access to a marketplace or messenger profile, they can target not just one person, but all of that person’s contacts. Two-factor authentication, checking active sessions and using strong passwords are not formalities; they are basic protection.
If phishing is suspected, action must be immediate. The bank card should be blocked through the banking app or hotline. Passwords for linked accounts should be changed. The device should be checked for malware, and the suspicious link should not be opened again.
If money has already been withdrawn, the victim should contact the bank, file a report with cyber police and submit a complaint on the platform where the communication began. Even when the funds cannot be returned immediately, such reports help block accounts, domains and repeated schemes.
Phishing is dangerous precisely because it does not look like a crime at first contact. It resembles an ordinary sale, fast delivery, convenient payment or customer support assistance. Its strength lies in the trust people already have in online trade.
Ukrainians are buying and selling more online, which means digital hygiene is becoming as necessary as watching one’s wallet in a crowded place. A fake website may disappear within an hour, but the consequences of one careless click can last much longer.
A safe online transaction begins not with a good price, but with control over personal data. When users do not follow suspicious links, do not enter unnecessary card details and do not leave the official platform, the scam loses its most important weapon — access to trust.
