Google survey shows Americans are changing how they fight scams

If it seems like scams are popping up everywhere lately, you’re not wrong. A new survey from Google shows most Americans feel the same, and they’re starting to change how they handle things online because of it. But different age groups are responding in different ways, and the tools people trust to stay safe vary more than you might expect.

In a new blog post, Evan Kotsovinos, Google’s VP of Privacy, Safety and Security, breaks down key findings from the company’s recent survey with Morning Consult. It’s not good news: “Over 60% of US consumers perceive an increase in scams over the past year, with one third personally experiencing a data breach.”

“Scams typically start by criminals trying to gain access to your online accounts,” Kotsovinos explained. “Which is why we use the latest AI and secure sign in technologies to make it really hard for scammers to ever reach you.”

Texts, emails, and fake tolls

The most common scam vectors aren’t surprising: text messages lead the pack, followed by email. Nearly 88% of Americans say they’ve encountered scams involving fake tolls or package deliveries. Google is now expanding Android’s scam detection features to identify red flags in messages about crypto, gift cards, toll fees, and financial services.

The company says it blocks more than 99.9% of spam, phishing, and malware from reaching Gmail users. Newer Android tools like Call Screen aim to reduce the risk from malicious phone calls by letting users ignore or screen them before answering.

A split between passwords and passkeys

When it comes to protecting accounts, there’s a divide between younger and older users.

Kotsovinos said, “Most people, including Generation X, Baby Boomers and many Millennials, still rely on older sign in methods like passwords and 2FA, with about half of all Americans admitting to writing down or memorizing their passwords.”

Even though many respondents said they’re familiar with tools like social sign-ins or passkeys, older generations aren’t adopting them at the same pace. Only about 30% of Gen X and Boomers use social sign-ins daily.

Meanwhile, Gen Z is skipping password rotation altogether, not because they don’t care, but because they’ve moved on to newer options. They’re more likely to use passkeys and social sign-ins tied to trusted platforms like Google. While traditionalists might see this as lax security, Kotsovinos sees it differently: “While at first glance not regularly updating passwords seems like poor password hygiene, the willingness to gravitate towards new sign in methods that are both safer and easier to use is a good thing.”

The friction of managing passwords, along with the fact that they’re often leaked in breaches, may be reason enough for security teams to push users toward alternatives.

Passkeys are the future

Google continues to push for passkey adoption, saying the traditional password’s time is up. “We want to move beyond passwords altogether,” Kotsovinos explained. “So we strongly encourage passkeys, which allow you to ditch the headache of memorizing and updating passwords, and stay much safer at the same time.”

Security teams may want to take that advice seriously. If users are already shifting their habits, supporting passkeys and single sign-on options isn’t just more secure. It’s aligning with how people already behave online.

And for those still holding on to passwords, Google’s ecosystem still offers guardrails: “We have tools like 2-Step Verification (2SV), the Google Authenticator App and Google Password Manager, that provide a second line of defense so that a password alone can’t empower a bad actor.”