A new survey from Google, in partnership with Morning Consult, paints a clear picture: Americans are more aware than ever of online scams—but they’re not all protecting themselves the same way.
More than 60% of U.S. consumers say scam activity has increased over the past year. A third have experienced a data breach personally. The most common attack methods? Scam texts (SMS phishing) and email phishing, both of which continue to grow in frequency and sophistication.
But one of the most telling insights from the survey is the generational shift in how people are choosing to protect their accounts.
Younger Users Are Leading the Shift Away from Passwords
Gen Z and Millennials are starting to embrace newer, safer sign-in methods like passkeys and federated logins—think “Sign in with Google” or Apple ID. These approaches offer more security and ease of use than traditional passwords. By contrast, Gen X and Boomers are still relying heavily on legacy methods. More than 60% of these users are sticking with traditional passwords, and half still memorize or write them down.
This points to a broader divide—not just in the tools we use, but in how we think about security itself.
More Time Online, But Fewer Accounts?
Another interesting trend: despite spending more time than ever on their phones (with Gen Z leading the way), most users report maintaining only about 10 online accounts. That’s likely due to increased use of social sign-ins, which let people use one secure login across multiple platforms.
It’s a convenience that can backfire if that primary account is compromised—which is why layered protection is more important than ever.
Stronger Protection Starts with Better Tools
Google is pushing for wider adoption of better tools that go beyond basic passwords: ranging from passkey to password managers that automatically generate, autofill and store passwords,, to tools like 2-Step Verification. Unlike passwords, passkeys can’t be stolen, guessed, “phished,” or end up for sale on the dark web. You never need to invent passkeys, remember them, or look them up, so they are also easier than passwords to configure, use, and maintain.
To access a website or application, a passkey relies on your phone, laptop, tablet, or other supported “authenticator” device to store biometric ID data as well as a private encryption key, which together prove you are who you say you are. A password manager that supports passkeys can also be your authenticator, which offers the benefit of enabling your passkeys to work across devices.
According to the FBI, online scams cost U.S. victims a record $16.6 billion in 2023—a 33% increase in just one year. Many of these scams start with attempts to hijack user accounts.
At Enfortra, we help businesses stay one step ahead of identity thieves. Our white-label identity theft protection platform equips organizations to offer real, proactive protection—helping individuals safeguard their personal data while adding value to your brand.
As digital threats continue to evolve, so should your protection strategy. Whether your audience includes digital natives or password traditionalists, Enfortra provides the tools and support to keep their identities secure.
Ready to protect your people—and your reputation?
Contact us to learn how our fully customizable platform can integrate into your existing offerings.
