Michael C. Vincent: Quick question before we get into it — when you get a sketchy text, what do you actually do with it?
Mark Delaney: Honestly? I've been pasting them into ChatGPT. Like, last week, I got something that looked like my bank and I just — yeah, I copied it in and asked. Which probably says something about where we are.
Michael C. Vincent: It says everything about where we are. Because nine in ten threats in 2025 weren't malware — they were exactly that, scams, phishing, fake ads. The digital threat landscape shifted underneath us and most people didn't notice.
Mark Delaney: Nine in ten — wait, seriously, that's the breakdown?
Michael C. Vincent: That's the breakdown. And here's what makes this week's story interesting — Norton saw that number and built Norton Genie around it. An AI scam detector. And they didn't sell it as a standalone product for long, because nobody buys standalone security apps anymore. They embedded Genie directly inside ChatGPT, inside Claude — June 30, 2026 is when the Claude integration was formally announced by Gen Digital Inc., the parent company, traded on NASDAQ as GEN.
Mark Delaney: Gen Digital — I didn't, uh, I didn't even know that's what Norton was called now.
Michael C. Vincent: Most people don't. Which is part of the story. The ChatGPT integration was pitched as the world's first AI-powered scam detector in a major chatbot platform. The press release called it innovation. I'd call it a legacy brand that started with a standalone app nobody wanted, then realized the only way to survive was to become infrastructure inside the tools people already live in.
Mark Delaney: So Norton's not solving the scam problem — it's solving its own relevance problem.
Michael C. Vincent: Well, that's the cynical read — and I held it too, until I sat with what Claude actually can't do.
Mark Delaney: Okay, yeah — that's the part I want to actually explain, because I think it's easy to dismiss this whole thing and miss what's genuinely different. Claude is — I mean, it's brilliant, right? It can read a scammy email and go, the urgency here is artificial, the grammar's off, this impersonation attempt is textbook. It can do all of that. But it has never seen a mugshot book. It doesn't have a database of known bad domains or shortened URLs that link somewhere actually dangerous. Norton Genie does.
Michael C. Vincent: That's the cleaner way to put it than I managed.
Mark Delaney: Norton is handing the brilliant friend the mugshot book. That's it. That's the whole thing. Genie specifically does URL and domain analysis — expands shortened links, checks where they actually land, evaluates the destination site's reputation. Claude, on its own, uh, it can reason about the language around a link but it can't do that.
Michael C. Vincent: And nine in ten threats are exactly the kind that requires that book.
Mark Delaney: Exactly — wait, no, that's my point. Those nine in ten aren't random malware, they're social engineering — urgency cues, impersonation attempts, requests for sensitive info. That's what Genie's pattern library is built for. So the gap isn't hypothetical.
Michael C. Vincent: How do you actually turn it on?
Mark Delaney: Inside Claude, you enable the Norton connector — it's a toggle in the integrations. ChatGPT, you find Norton in the ChatGPT Apps directory and tag it with @Norton. One sentence each, that's genuinely how simple it is.
Michael C. Vincent: And that is the part worth pausing on — because the friction is basically gone.
Mark Delaney: Yeah, and zero friction is — wait, that's actually the problem, right? Like, the easier it is to paste something in, the less you think about what you're handing over.
Michael C. Vincent: That is exactly the cost nobody's reading the fine print on. You get a text that looks like it's from your insurance company — your name's in it, a partial policy number, an account hint. You paste it into Claude with the Norton connector enabled. That message now travels to Anthropic, and to Norton, which means to Gen Digital Inc. Three separate commercial entities. One paste.
Mark Delaney: Three. At once.
Michael C. Vincent: Simultaneously. And if you do the same thing inside ChatGPT — it's OpenAI and Norton. Now, what happens to that content after the analysis? How long is it stored? Who inside Gen Digital can access it? Norton hasn't addressed that publicly. Anthropic hasn't. OpenAI hasn't.
Mark Delaney: Hold on — none of them? Like, I assumed there'd be some buried privacy page I just hadn't found.
Michael C. Vincent: Not that I can find. And this is where the hot take earns something real. The distribution play — embedding Genie across all Claude subscription tiers, free included — that maximizes reach. But it also maximizes exposure of content people never consciously decided to share with a cybersecurity company.
Mark Delaney: And the person checking the sketchy insurance text, uh — they're not thinking 'I am now a Gen Digital data point.' They're just trying to figure out if they're being scammed.
Michael C. Vincent: That's the consent gap. The integration is simple enough that the privacy question never surfaces in the moment.
Mark Delaney: And honestly, that's before we even get to whether Genie's detection is actually as good as Norton's press release says it is — which, uh, that part gets a lot messier.
Michael C. Vincent: Messier is the right word. Because the 'world's first AI-powered scam detector in a major chatbot' — that lives in a Norton press release. That's the only place that claim exists.
Mark Delaney: Wait — no third-party testing? Like, none?
Michael C. Vincent: No detection accuracy rates. No false-positive benchmarks. No independent evaluation. Sofiah Nichole Salivio covered the Norton-Claude integration for SecurityBrief UK and TelcoNews UK — and even that reporting draws from the same press materials. There's no outside lab saying Genie catches X percent of scams that Claude alone misses.
Mark Delaney: So we actually cannot answer whether Genie outperforms just... asking Claude directly. Like, that question has no answer yet.
Michael C. Vincent: Not from available evidence, no.
Mark Delaney: And what makes it even harder to pin down — uh, the same AI wave that's powering Genie is also powering the scams. Scammers are using AI-generated content now, engineered to feel personal and convincing. So any static performance claim Norton makes today, even if it were accurate today, it's... I mean, it's already aging. The threat isn't sitting still waiting to be benchmarked.
Michael C. Vincent: The recursive arms race. The same foundation. And that's precisely why a press release number would be especially fragile — you can't benchmark a moving target and call it solved.
Mark Delaney: So the calibrated version — not the cynical one, not the press release one — is probably: Genie adds something real over a gap that's real. Nine in ten threats being social engineering, that's not marketing. But 'breakthrough' is unjustified until someone outside Norton actually measures it. Treat it as a layer. Not a solution.
Michael C. Vincent: Fine. Say Genie catches the scam. You paste the sketchy insurance text, the Norton connector fires, and Genie flags it. You're safe. But now you're left holding a different question — which of the three companies that just touched your data is the one you should actually be worried about? Anthropic. Norton. Gen Digital Inc. Pick one.
Mark Delaney: Ha — yeah, no, that's... that's actually where I land on this whole thing. The real product Norton's selling isn't scam detection. It's the feeling of safety inside Claude and ChatGPT — tools you were already using anyway. And honestly? That feeling is worth something. I'm not saying it's worthless. But you should know exactly what you paid for it, you know?
Michael C. Vincent: That's the calibrated word. Not cynical. Not credulous. Just — clear-eyed about the transaction.
Mark Delaney: Yeah. Good talk.