Norton: Top 10 Scams Threatening Summer 2026

Norton's 2026 summer scams forecast names ten online fraud types surging during peak travel season, led by AI-powered imposters and reservation hijacking.

Imposter scams spiked 144% last summer versus the rest of the year; U.S. financial scam attacks ran 157% above the annual average.
Gambling fraud rose 88%—338% in the U.S.—fueled by global sports events; tech support scams blocked numbered 7.8 million.
AI voice cloning and deepfake video are amplifying imposter and romance fraud, which cost U.S. victims $1.16 billion in 2025.

Lead

Norton, the cybersecurity brand owned by Gen Digital (NASDAQ: GEN), on June 5, 2026, published its 2026 Summer Scam Forecast, identifying the ten online fraud categories most likely to surge between June and August. Drawing on millions of blocked scam attacks from the summers of 2024 and 2025, cross-referenced with emerging threat signals from spring 2026, the forecast puts impersonation, reservation hijacking, and AI-assisted romance fraud at the top of a threat list spanning travel, ticketing, gambling, and investment channels.

What Happened

Summer scams follow a reliable seasonal pattern. Imposter scams—fraudsters posing as government agencies, delivery services, family members, or known contacts—rose 144% last summer compared with the rest of the year, with Norton blocking 113,026 such attacks across the period. U.S. financial scam attacks reached 5,969,284 last year, a 157.4% increase versus the annual average. Package delivery scams, which exploit the surge in retail and travel shipments during summer months, climbed 89%, generating 43,326 blocked attacks.

Gambling-related fraud recorded 685,968 blocked attacks last summer—an 87.7% increase—driven by major sporting events. In the United States alone, gambling fraud attacks ran 338% above the annual average; the United Kingdom posted a 317% spike. The 2026 FIFA World Cup is expected to amplify this trend further, creating a large population of targets for fraudulent sportsbooks and betting tip services.

The 10 Summer Scams

Norton's 2026 Summer Scam Forecast identifies ten fraud categories for a scam-free summer awareness push:

1. Reservation Hijack Scams — attacks that deploy real hotel names, booking dates, and confirmation numbers to redirect payments to fraudulent pages, enabled by data breaches that expose authentic booking records 2. AI Romance Scams — deepfake video technology used to impersonate real individuals during video calls, contributing to a 64% victimization rate among targeted daters and $1.16 billion in U.S. losses in 2025 3. Imposter Scams — fraudsters posing as family, government agencies, or known contacts, increasingly enhanced by AI voice cloning 4. Package Delivery Scams — fake shipping notifications engineered to capture payment credentials or personal data 5. Concert, Festival, and Sport Ticket Scams — counterfeit ticket platforms appearing above legitimate sellers in paid search results for sold-out events 6. Parking Ticket Text Scams — fraudulent SMS messages impersonating municipal parking enforcement to harvest payments and personal data 7. Gambling Scams — deceptive betting platforms and tip services aligned with major summer sports events 8. Crypto and Investment Fraud Scams — synthetic personas on YouTube and TikTok used to promote fraudulent schemes; U.S. investment fraud losses reached $8.6 billion in 2025 9. Tech Support Scams — 7.8 million attacks blocked last summer, a 29.6% seasonal increase 10. Lottery and Sweepstakes Scams — unexpected-money schemes with 1.3 million attacks blocked, a 21.6% spike

AI and Technology Angle

The 2026 forecast reflects a structural shift in fraud capability. AI-powered voice cloning has made phone-based impersonation attacks materially harder to identify, eliminating the acoustic cues that previously flagged scam calls. Deepfake video technology has extended that capability to video calls, enabling romance scammers and investment fraudsters to sustain convincing personas across extended interactions.

"Deepfakes are still somewhat niche, but we've seen them used quite a bit for investment scams, where high-quality synthetic personas on YouTube and TikTok make the pitch much more convincing," said Michal Salát, Threat Intelligence Director at Gen.

Lookalike websites built to mimic legitimate booking platforms, sportsbooks, and ticket sellers are being surfaced through paid search advertising—often indistinguishable in appearance from the authentic services they replicate. Data breaches are compounding risk for travelers specifically, supplying fraudsters with the real booking details that make reservation hijack attacks credible.

"Scammers follow the calendar," said Leyla Bilge, Global Head of Scam Research for Norton. "People are understandably distracted, spending more on travel and tickets, tapping confirmation links without a second look."

What Comes Next

Norton security tools positioned against these threats include Norton Genie, which analyzes suspicious texts, emails, and websites for scam indicators; Safe Call, which blocks suspected scam phone calls; and Safe SMS, Safe Web, and Safe Email for broader digital channel protection. Norton 360 with LifeLock Ultimate Plus incorporates dedicated Scam Support and financial Reimbursement coverage.

Outlook

Summer scams in 2026 arrive at a higher baseline threat level than prior years. The convergence of AI-enabled impersonation, data breach-fueled personalization, and a packed global sports calendar gives fraudsters both the capability and the targeting scale to execute larger, higher-conviction campaigns. The $8.6 billion in U.S. investment fraud losses and $1.16 billion in romance scam losses recorded in 2025 define the financial stakes. For consumers navigating travel bookings, live event tickets, and sports betting this summer, the distance between a convincing online fraud and a legitimate transaction has narrowed to a single unverified link.