McAfee report highlights growing digital scams in India

McAfee has released its 2026 "State of the Scamiverse" report, highlighting the rapid growth and increasing sophistication of digital scams in India. The research indicates that many fraudulent schemes have become so convincing that victims often fail to recognise them until after financial or personal damage has occurred. From carefully crafted phishing messages to deepfake voice recordings and malicious QR codes, scammers are increasingly embedding their deceptions into routine online interactions.

According to the report, 70 per cent of Indians experienced compromises to their social media accounts in the past year, reflecting the rising effectiveness of advanced scam techniques. At the same time, 82 per cent of respondents said they were more cautious about opening messages from unknown senders than they had been a year earlier. Despite this growing awareness, the study suggests that fraudsters continue to stay ahead of many users by exploiting new technologies and behavioural vulnerabilities.

Pratim Mukherjee, Senior Director of Engineering at McAfee, said that scammers are making greater use of artificial intelligence and digital tools to manipulate trust and create urgency, often by imitating bank alerts or sending highly realistic social media messages. He added that as scams become harder to distinguish from legitimate communications, awareness, scepticism, and effective online protection measures are increasingly important.

The growing scale of online fraud is also reflected in official data from the Indian Cyber Crime Coordination Centre. In 2025, reported losses from fraud and cheating cases reached Rs19,813 crore, with more than 2.1 million complaints registered on the National Cyber Crime Reporting Portal. More than three quarters of these losses were linked to fraudulent investment schemes, indicating a shift towards more complex and organised forms of deception.

The report notes that many modern scams are designed to resemble ordinary digital exchanges. Messages relating to deliveries, subscription renewals, and banking activity are frequently used to gain victims’ confidence. On average, Indians reported receiving around 13 scam messages each day across text messages, email, and social media platforms. Nearly one in five suspicious social media messages now contains no links, removing traditional warning signs such as misspelt or unusual web addresses. Despite this, two thirds of users said they had responded to such messages, often triggering further stages of fraudulent activity.

Deepfake technology has emerged as a major new tool for scammers in India. Once largely associated with entertainment or political content, AI-generated voices and images are now being used to impersonate trusted individuals and institutions. These include fabricated endorsements by celebrities, fake recruitment interviews conducted by video call, and distress messages appearing to come from family members. Survey respondents reported encountering an average of four deepfakes each day. More than one third said they were not confident in their ability to identify deepfake scams or protect themselves if targeted. Such content is most commonly seen on platforms including Instagram, Facebook, YouTube, Telegram, and WhatsApp. One in five respondents said they had experienced a voice-cloning scam, often involving impersonation of relatives, bank officials, or government representatives.

The report also highlights the significant financial and emotional impact of scams on individuals and families. More than half of respondents said they had lost money as a result of fraud, with an average loss of Rs 93,915. Many scams unfold rapidly, with most being completed in under 30 minutes. In addition, Indians now spend an estimated 102 hours each year assessing messages to determine whether they are genuine, equivalent to nearly three full working weeks.

Beyond direct financial harm, scams contribute to wider concerns about personal security and trust in digital services. Sixty-three per cent of respondents believed their personal information was more vulnerable than it had been a year earlier. Almost a quarter of victims reported being targeted again within twelve months, suggesting that scammers frequently exploit individuals whose data has already been compromised.

McAfee advises users to exercise caution when responding to messages that create a sense of urgency and to verify information before taking action. It recommends accessing official websites or applications directly rather than following links in messages, avoiding unsolicited QR codes, and never sharing passwords, verification codes, or login approvals. The company also encourages the use of strong, unique passwords, two-factor authentication, and security tools designed to detect fraudulent activity.

The report draws on data from McAfee Labs and a global consumer survey. McAfee Labs monitors scam activity across email, SMS, social media, web browsing, and emerging AI-based techniques using internal threat detection systems. The study also references publicly available data from the United States Federal Trade Commission’s Consumer Sentinel Network. The online survey was conducted in November 2025 among 7,592 adults aged 18 and over in the United States, Australia, India, the United Kingdom, France, Germany, and Japan.