“I signed up for an app because it felt like the only realistic way to meet people as a working single mom.” 

Jules, a healthcare professional in her 40s, turned to online dating while balancing work, school, and raising her child after the pandemic. Then she met “Andy.” 

He seemed like a great guy. He knew her area and even shared pictures of himself at restaurants, wineries, and neighborhood spots Jules recognized. Their early conversations felt ordinary and he seemed invested in her life and well-being. 

“He didn’t ask for money right away; he built trust first,” she said. “So when the investment came up, it didn’t feel risky. It felt like help.” 

Andy claimed he was successful in cryptocurrency and said he could show her how to pay down debt, get ahead financially, and finally have some breathing room. Jules decided, cautiously, to try it. And because the accounts appeared to show gains, and she was even able to withdraw small amounts of money, Jules believed the opportunity was real. 

But the crypto app wasn’t real. And neither was Andy. 

One day, weeks later, the account was suddenly frozen. A message popped up saying the only way to access her funds would be through a $25,000 “tax payment”. She paid the “tax,” worried about losing her investments. But the account immediately froze again, this time facing the claim of money laundering. 

That’s when she realized something wasn’t right. And Andy suddenly disappeared. 

By the time Jules realized it was a scam, she had lost more than $80,000. Jules said $25,000 of that was borrowed from her elderly mother.  

“The financial loss was devastating, but the emotional toll was worse. I felt ashamed and completely alone.”  

New research: Romance scams climb ahead of Valentine’s Day 

Jules isn’t alone. Unfortunately, this type of long-con romance scam is increasingly common. And AI-powered tools are only helping scammers increase their attack volume. 

According to McAfee’s 2026 Valentine’s Day research, 1 in 7 American adults (15%) say they have lost money to an online dating or romance scam.  

The cost of losses varied widely between age groups. American adults between ages 35 to 44 were among the most likely to report higher losses, over $5,000, while younger Gen Z victims reported smaller losses under $500.  

Of the people who’ve lost money to an online dating scam, just 1 in 4 (24%) were able to recover all their money. 

Exposure is widespread even when money is not lost. More than half of Americans say they have been asked to send money or share financial information by a potential romantic partner, often through payment apps, wire transfers, gift cards, QR codes, or cryptocurrency. 

McAfee Labs data reinforces what consumers are experiencing. During the peak dating season leading into Valentine’s Day, Labs blocked hundreds of thousands of romance-related malicious URLs and observed surging activity tied to fake profiles, cloned dating apps, and AI-driven chat behavior. In fact, Labs reported significant AI chat bot spam, with some users receiving more than 60 messages in 12 hours, even without a profile photo. 

At the same time, fewer scams relied on obvious malicious links, suggesting scammers are shifting toward persuasion and relationship-building instead. 

The research at a glance: Fast facts 

• 47% of American adults have used an online platform to meet a romantic partner 
• 35% have encountered fake profiles or AI-generated images while dating online 
• 1 in 4 say they discovered they were interacting with a fake profile or AI bot 
• 22% say they have been a victim of catfishing 
• 53% have been asked to send money or financial info by a romantic interest
• Payment apps are the most common path for money requests, especially among adults under 35 
• 32% believe it is possible to develop romantic feelings toward an AI bot 
• 9% say they have personally experienced romantic feelings for an AI chatbot 
• Men are significantly more likely than women to encounter romance scams weekly 
• Nearly everyone who experienced a romance scam says it had a lasting emotional impact 

How romance scams typically unfold 

While scams can take many forms, most follow a familiar pattern. Understanding the progression can help people recognize risk earlier. 

Stage	The Red Flags / How it Unfolds	What the scammer wants	What to do instead
1) The hook	A friendly DM, a “wrong number” text, a dating match, a comment reply, a follow request	A response. Any response.	Don’t move fast. Keep the convo on-platform. Don’t give out your number.
2) Love bombing	Daily messages, fast intimacy, mirroring your interests, “I’ve never felt this way”	Trust and routine	Slow it down. Ask for a real-time video call and a specific, verifiable detail.
3) Private channels	“Let’s talk on WhatsApp/Telegram/Signal.” “Don’t tell anyone yet.”	Control and privacy	If someone pushes you off-platform quickly, treat it as a red flag.
4) Building credibility	A “job” story (military, oil rig, entrepreneur), polished photos, voice notes, even AI-assisted video	Believability	Verify independently. Reverse image search photos. Watch for inconsistencies.
5) A financial request	A “small” emergency, a plane ticket, a crypto opportunity, “help me unlock my account,” gift cards, payment app request	Money or financial access	Never send money to someone you haven’t met. Never share financial info or account details.
6) Escalation	“I need a verification code.” “Can you receive money for me?” “Open an account.” “Co-sign.”	Identity theft, account takeover, new credit	Never share MFA codes. Don’t open accounts for anyone. Lock credit if you’ve shared info.
7) Ghosting	Ghosting, deleted accounts, new persona, rinse-and-repeat	Exit before consequences hit them	Preserve evidence, report, and secure your accounts immediately.

Key point: the scariest scams may never send you a sketchy link. They may only send convincing words, and the pressure to act. 

Watch out for AI. 

AI reduces the “tells” that used to give scammers away. Deepfake audio and video can make someone appear real-time credible. Bot-driven chat can sound polished, attentive, and emotionally responsive. 

People who discovered they were dealing with a bot or fake profile said the biggest clues were: 

• Responses felt scripted or repetitive (52%) 
• They replied instantly and flawlessly (41%) 
• Photos looked unnatural or AI-generated (38%) 
• They avoided voice/video calls (32%) 
• They made unusual requests early (26%) 

The important point is: a smooth conversation is not proof of authenticity. It may be proof of automation. 

What to do if you think you’re involved in a romance scam 

If you’re reading this and feeling that slow stomach-drop of recognition, the priority is to protect yourself before the situation escalates. 

1) Stop sending money and stop sharing information 

No more payments. No more screenshots. No more “verification” codes. No more personal details. 

If you’ve already shared sensitive info, don’t panic, but act quickly. 

2) Document everything 

Take screenshots. Save usernames, phone numbers, email addresses, payment handles, transaction confirmations, and any images they sent. If the account disappears, this may be all you have. 

3) Lock down your accounts 

• Change passwords for email, banking, and the platform where you met them 

• Turn on multi-factor authentication (MFA) everywhere 

• If you reused passwords anywhere, change those too 

4) Check your financial exposure 

Romance scams often lead to identity misuse: new accounts, fraudulent applications, or attempts to access your credit. 

If you’ve shared identifying details (full name, address, DOB, SSN, photos of documents), consider a protective step that blocks new credit from being opened in your name. McAfee’s Credit Monitoring and Identity Monitoring can help regain security. 

5) Reduce your public data footprint 

Scammers don’t just use what you tell them. They use what they can look up. 

Your phone number, address, relatives, old accounts, and leaked details can be stitched together to make impersonation easier and manipulation more convincing. 

Unfriend the scammer on social platforms and tighten your account privacy. Consider options like McAfee’s Personal Data Cleanup  

6) Report it 

Report the account on the platform or app where you met. In the U.S., you can also report romance scams to the FTC. 

If you sent money, notify your bank/payment provider immediately. 

The takeaway:  

Romance scams work because they feel real. They exploit trust, vulnerability, and the very human desire for connection, especially in digital spaces where so much of our social and romantic lives now take place.

If you recognize pieces of your own experience in Jules’s story or the research here, you are not alone, and you have nothing to be ashamed of. These scams are designed to be convincing, and anyone can be targeted. 

Protections like McAfee’s Scam Detector are built to catch risky messages across text, email, and social channels, adding an extra layer of defense while you focus on building genuine connections. 

Awareness, support, and protection go a long way, and help is available when you need it. 

The post 1 in 7 Lose Money to Romance Scams. Spot the Red Flags: appeared first on McAfee Blog.

Tax season creates a rare and dangerous overlap: Americans are sharing their most sensitive personal information at the exact moment scammers are most alert. 

W-2s arrive. Payroll portals light up. Refund notifications start circulating. Messages from employers, tax services, and government agencies suddenly feel routine… expected, even. 

That’s the opening scammers wait for. 

According to McAfee’s 2025 tax season research, nearly half (48%) of Americans say they or someone they know has received a message falsely claiming to be from the IRS or a state tax authority. Those messages arrive via email, text, phone calls, social media, and increasingly through channels that don’t look suspicious at all. 

And when they work, the consequences can be severe. 

This tax season, the biggest risk isn’t just clicking the wrong link. It’s how easily personal information can be weaponized once it’s exposed, and how quickly identity theft and credit damage can follow.  

How tax-related identity theft happens 

Rather than a single “step-by-step” scam, tax fraud usually unfolds as a chain reaction once personal information is exposed. 

Here’s how the risk typically escalates: 

1) Information enters circulation 

W-2s, tax forms, and payroll data are shared across email, HR portals, cloud storage, and tax software accounts. Even legitimate workflows expand the attack surface. 

2) Scammers impersonate trusted entities 

Using stolen or scraped data, criminals pose as: 

• The IRS or state tax agencies 
• Payroll departments 
• Tax preparation services like TurboTax or H&R Block 

In McAfee’s research: 

• 48% encountered fake IRS messages
• 33% saw impersonation of tax preparation services
• 35% were baited with fake refund messages containing malicious prompts

3) Victims are pressured to “fix” a problem 

Messages claim a refund was rejected, taxes are overdue, or identity verification is required. The urgency is the point. 

4) Personal or financial data is harvested 

Once victims respond, scammers collect SSNs, bank details, credit card numbers, or authentication codes, often without ever sending a malicious link. 

5) Identity theft follows 

Refund fraud, unauthorized credit applications, and account takeovers often happen weeks or months later, when victims least expect it. 

This is why tax scams are so damaging: the real fallout often shows up long after filing season ends. 

How to protect yourself before you file 

Tax season rewards preparation. These steps help reduce risk before problems start. 

1. File early if possible: Filing sooner reduces the window scammers have to submit fraudulent returns in your name. 
2. Treat tax-related messages with skepticism: Unexpected messages asking for documents, payment, or verification should be independently confirmed through official channels. 
3. Monitor your credit and identity: Identity theft often surfaces as unauthorized accounts or sudden credit changes. Regular monitoring helps catch issues early. 
4. Reduce your online data footprint: Scammers often source contact details and background information from data broker sites. Limiting what’s publicly available reduces targeting. 
5. Avoid clicking on tax-related links: Type official URLs directly into your browser instead of clicking links in messages or ads. 

Why McAfee+ Advanced is built for tax-season identity risk 

Tax scams expose a broader truth: protecting yourself today means limiting both exposure and impact. 

That’s why McAfee+ Advanced now includes expanded identity and financial protection officially rolling out to users today, designed for high-risk moments like tax season. 

Automatic personal info removal 

McAfee+ Advanced helps automatically locate and remove your personal information from high-risk data broker sites that publish phone numbers, addresses, and emails scammers rely on. 

Reducing this exposure makes it harder for criminals to impersonate you or target you during tax season. 

Credit monitoring with one-click credit lock 

If personal information is compromised, speed matters. 

McAfee+ Advanced includes credit monitoring and a one-click credit lock experience, making it easier to prevent unauthorized accounts from being opened in your name, a common escalation after tax-related identity theft. 

Scam Detector, included across all McAfee+ core plans 

In addition to identity and credit protections, all McAfee+ plans include Scam Detector, which helps flag suspicious texts, emails, links, and websites. That includes tax-related scam attempts that surface during filing season. 

Protection that lasts beyond tax season 

Tax scams may peak during filing season, but identity risk doesn’t follow a calendar. The same tools that help protect your W-2 and tax information also help reduce exposure to data breaches, account takeovers, and everyday fraud throughout the year. 

McAfee+ Advanced is designed for that reality; protecting your personal information, finances, and digital life not just during tax season, but year-round. 

The post Filing Taxes? Why Identity Protection Matters More Than Ever This Season appeared first on McAfee Blog.

Scams don’t always arrive with obvious warning signs. 

They show up as QR codes on parking meters. As casual DMs that start with “Hey.” As social messages that feel routine enough to respond to without thinking twice. 

That shift has created a new burden for consumers. According to McAfee’s 2026 State of the Scamiverse report, Americans now spend 114 hours a year trying to figure out what’s real and what’s fake online. That is nearly three full workweeks lost to second-guessing messages, alerts, links, and notifications. 

McAfee’s upgraded Scam Detector is designed to meet people in those exact moments, with enhancements rolling out across core McAfee plans beginning in February. 

The latest improvements add instant QR code scam checks and smarter social messaging protection, making it easier to spot scams before they escalate. 

Figure 1: An example of a suspicious text being flagged by McAfee’s Scam Detector 

What’s new in McAfee’s Scam Detector 

Scams now move quickly across platforms and formats, often escalating in minutes once someone engages. Among people who were harmed by a scam, the typical scam unfolded in about 38 minutes. 

That speed leaves little room for hesitation. Scam protection has to work in real time, not after the damage is done. 

McAfee’s latest Scam Detector upgrades are designed around that reality, adding: 

• Instant QR code safety checks, so users can assess risk before tapping 
• Smarter social messaging protection, with clearer warnings for suspicious texts, emails, and DMs, even when no link is present 

These Scam Detector upgrades will begin rolling out in February across all core McAfee plans, bringing real-time protection to the moments where scams escalate fastest. 

QR codes, quishing, and why instant scans are needed 

QR codes were designed for convenience. That is exactly why scammers use them. 

Cybercriminals increasingly hide malicious links behind QR codes placed on menus, parking meters, packages, posters, and public signage. People scan quickly, often without stopping to evaluate where the code leads. 

McAfee research shows how common this risk has become: 

• 68% of people scanned a QR code in the past three months 
• 18% landed on a suspicious or unsafe page after scanning 
• Among those who did, more than half took risky actions such as entering personal information, installing an app, or connecting a digital wallet 

Figure 2. A still from a demo video, showing a risky QR code being blocked by McAfee’s Scam Detector 

Social media scams and the rise of linkless messages 

Phishing is no longer confined to emails with obvious red flags. 

Scams now arrive through WhatsApp, Instagram, Messenger, Telegram, and other social platforms, often starting as vague or friendly messages designed to lower suspicion rather than trigger alarm. 

McAfee’s research highlights a key shift: more than one in four suspicious social messages contain no link at all, and 44% of Americans say they have replied to a suspicious DM with no link. 

These messages rely on familiarity and momentum. A short greeting. A warning about an account issue. A promise of easy money. By the time a request or link appears, the conversation already feels normal. 

And the economic impact of these scams is significant. According to the FTC, social media scams drove $1.9 billion in reported losses in 2024, making social platforms one of the top channels for fraud and identity theft. 

That’s why McAfee’s Scam Detector includes smarter social messaging protection, delivering clearer warnings for suspicious texts, emails, and DMs, even those without risky links, across popular platforms. The focus is on identifying suspicious patterns and behavior, not just URLs. 

Users can take a quick screenshot of their social media content on social media, and McAfee’s Scam Detector will analyze the message for suspicious activity. 

Get protection that works before scams escalate 

The stakes are high: 

• One in three Americans has lost money to a scam 
• Among those who lost money, the average loss was $1,160 
• 15% of scam victims fall for another scam within a year 

Scams are not just increasing in volume. They are becoming more personal, more believable, and easier to scale using AI. 

McAfee’s upgraded Scam Detector is designed to stay ahead of those shifts, offering real-time guidance when it matters most, whether that’s a suspicious QR code, a vague DM, or a message that feels just normal enough to trust. 

The enhanced Scam Detector, including instant QR code checks and smarter social messaging protection, will begin rolling out in February across all core McAfee plans. 

The post How McAfee’s Scam Detector Checks QR Codes and Social Messages appeared first on McAfee Blog.

Merriam-Webster’s word of 2025 was “slop.” Specifically, AI slop. 

Low-effort, AI-generated content now fills social feeds, inboxes, and message threads. Much of it is harmless. Some of it is entertaining. But its growing presence is changing what people expect to see online.

McAfee’s 2026 State of the Scamiverse report shows that scammers are increasingly using the same AI tools and techniques to make fraud feel familiar and convincing. Phishing sites look more legitimate. Messages sound more natural. Conversations unfold in ways that feel routine instead of suspicious.

According to McAfee’s consumer survey, Americans now spend an average of 114 hours a year trying to determine whether the messages they receive are real or scams. That’s nearly three full workweeks lost not to fraud itself, but to hesitation and doubt.

As AI-generated content becomes more common, the traditional signals people relied on to spot scams, such as strange links and awkward grammar, are fading. That shift does not mean everything online is dangerous. It means it takes more effort to tell what is real from what is malicious.

The result is growing uncertainty. And a rising cost in time, attention, and confidence.

The average American receives 14 scam messages a day 

Scams are no longer occasional interruptions. They are a constant background noise. 

According to the report, Americans receive an average of 14 scam messages per day across text, email, and social media.  

Many of these messages do not look suspicious at first glance. They resemble routine interactions people are conditioned to respond to. 

• Delivery notices 
• Account verification requests 
• Subscription renewals  
• Job outreach 
• Bank alerts 
• Charity appeals 

And with the use of AI tools, scammers are churning out these scam messages and making them look extremely realistic.

That strategy is working. One in three Americans says they feel less confident spotting scams than they did a year ago.  

 

Figure 1. Types of scams reported in our consumer survey. 

Most scams move fast, and many are over in minutes 

The popular image of scams often involves long email threads or elaborate schemes. In reality, many modern scams unfold quickly. 

Among Americans who were harmed by a scam, the typical scam played out in about 38 minutes.  

That speed matters. It leaves little time for reflection, verification, or second opinions. Once a person engages, scammers often escalate immediately. 

Still, some scammers play the long game with realistic romance or friendship scams that turn into crypto pitches or urgent requests for financial support. Often these scams start with no link at all, but just a familiar DM.

In fact, the report found that more than one in four suspicious social messages contain no link at all, removing one of the most familiar warning signs of a scam.  And 44% of people say they have replied to a suspicious direct message without a link.  

The cost is not just money. It is time and attention. 

Financial losses from scams remain significant. One in three Americans report losing money to a scam. Among those who lost money, the average loss was $1,160.  

But the report argues that focusing only on dollar amounts understates the broader impact: scams also cost time, attention, and emotional energy. 

People are forced to second-guess everyday digital interactions. Opening a message. Answering a call. Scanning a QR code. Responding to a notification. That time adds up. 

And who doesn’t know that sinking feeling when you realize a message you opened or a link you clicked wasn’t legitimate?

Figure 3. World Map of Average Scam Losses. 

Why AI slop makes scams harder to spot 

The rise of AI-generated content has changed the baseline of what people expect online. It’s now an everyday part of life.

According to the report, Americans say they see an average of three deepfakes per day.  

Most are not scams. But that familiarity has consequences. 

When AI-generated content becomes normal, it becomes harder to recognize when the same tools are being used maliciously. The report found that more than one in three Americans do not feel confident identifying deepfake scams, and one in ten say they have already experienced a voice-clone scam. Voice clone scams often feature AI deepfake audio of public figures, or even people you know, requesting urgent financial support and compromising information.

These AI-generated scams also come in the form of phony customer support outreach, fake job opportunities and interviews, and illegitimate investment pitches.

Account takeovers are becoming routine 

Scams do not always end with an immediate financial loss. Many are designed to gain long-term access to accounts. 

The report found that 55% of Americans say a social media account was compromised in the past year.  

Once an account is taken over, scammers can impersonate trusted contacts, spread malicious links, or harvest additional personal information. The damage often extends well beyond the original interaction. 

Scams are blending into everyday digital life 

What stands out most in the 2026 report is how thoroughly scams have blended into normal online routines. 

Scammers are embedding fraud into the same systems people rely on to work, communicate, and manage their lives. 

• Cloud storage alerts (such as Google Drive or iCloud notices) warning that storage is full or access will be restricted unless action is taken, pushing users toward fake login pages.
• Shared document notifications that appear to come from coworkers or collaborators, prompting recipients to open files or sign in to view a document that does not exist.
• Payment confirmations that claim a charge has gone through, pressuring people to click or reply quickly to dispute a transaction they do not recognize.
• Verification codes sent unexpectedly, often as part of account takeover attempts designed to trick people into sharing one-time passwords.
• Customer support messages that impersonate trusted brands, offering help with an issue the recipient never reported.

Figure 4: Example of a cloud scam message. 

The Key Takeaway

Not all AI-generated content is a scam. Much of what people encounter online every day is harmless, forgettable, or even entertaining. But the rapid growth of AI slop is creating a different kind of risk.

Learn more and read the full report here.

FAQ: Understanding the AI Slop Era and Modern Scams 

Q: What is AI slop?   A: The term refers to the flood of low-quality, AI-generated content now common online. While much of it is harmless, constant exposure can make it harder to identify when similar technology is used for scams.

Q: How much time do Americans lose to scams?   A: Americans spend 114 hours a year determining whether digital messages and alerts are real or fraudulent. That is nearly three workweeks.

Q: How fast do scams happen today?   A: Among people harmed by scams, the typical scam unfolds in about 38 minutes from first interaction to harm.

Q: How common are deepfake scams?   A: Americans report seeing three deepfakes per day on average, and one in ten say they have experienced a voice-clone scam.

 

The post McAfee Report: In the AI Slop Era, Americans Spend Weeks Each Year Questioning What’s Real appeared first on McAfee Blog.