chevron-down Created with Sketch Beta.

Voice of Experience

Voice of Experience: April 2024

A Guide to Safeguarding Seniors from Cyber Threats

Ashley Hallene and Jeffrey M Allen

Summary

  • Seniors are frequently targeted by phishing emails and messages that appear to be from legitimate companies.
  • According to the 2023 Identity Theft Resource Center’s Annual Data Breach Report, 2023 saw a record-breaking number of data breaches.
  • As technology evolves, so do the tactics of scammers targeting the elderly.
A Guide to Safeguarding Seniors from Cyber Threats
iStock.com/brightstars

Jump to:

The world of technology is never without peril. Cybersecurity risks are prevalent wherever you turn. Seniors often face unique cybersecurity risks due to a variety of reasons, including less familiarity with evolving digital technology, lower awareness of online scams, and sometimes, the tendency to trust others easily online. Some common cybersecurity risks for seniors include:

Phishing Scams

Seniors are frequently targeted by phishing emails and messages that appear to be from legitimate companies, government agencies, or acquaintances, asking for personal information or directing them to fraudulent websites. One scam you may come across involves the impersonation of a government agency, such as the Social Security Administration (SSA) or the Internal Revenue Service (IRS). In this scam, seniors receive an email, phone call, or text message that appears to be from one of these agencies, claiming that there is an issue with their Social Security number or there is a problem with their tax return.

The message might state that their Social Security number has been suspended due to suspicious activity, or they owe taxes and must pay immediately to avoid arrest or other legal action. The scammer then asks for personal information, such as the senior's Social Security number, date of birth, or banking details, supposedly to verify their identity or resolve the issue. Alternatively, they might direct the senior to click on a link in an email or text message, leading them to a fraudulent website designed to steal their information.

This scam preys on your fear of losing benefits or facing legal trouble, pressuring you into acting hastily without verifying the authenticity of the communication. It's important to know that government agencies usually do not contact individuals via email, phone, or text for personal information and that such requests should be viewed with skepticism. Verification through official channels can help prevent falling victim to these scams.

Identity Theft

Your personal information can be stolen through ineffective security practices when you are online, or data breaches. Seniors might not monitor their online presence or financial accounts as closely, making them prime targets. Most vendor sites ask you to create an account, or a profile with them, anytime you make a purchase. They offer the convenience of saving your credit card information to your account (so you don’t have to pull your card out of your wallet every time you go to purchase something). However, now your data is sitting out there, waiting to be exposed.

According to data from the 2023 Identity Theft Resource Center’s Annual Data Breach Report, 2023 saw a record-breaking number of data breaches, from Casino giants like MGM and Caesars to Government agencies with the Microsoft Cloud email breach. There were 3,205 publicly reported data compromises that impacted over 353 million victims. Supply chain attacks contribute the most to this increase.  A supply chain attack is a type of cyberattack that targets a trusted third-party vendor who offers services or software vital to the supply chain. This attack doesn’t just target the data owned by the third-party vendor, it reaches the data of the vendor’s customers, clients, or other vendors in the supply chain. By going this route, hackers don’t have to try and infiltrate large multi-national corporations with a robust cybersecurity program. Instead, they can target a smaller vendor with less security protections that supports the large multi-national company along with several other businesses and watch the house of cards tumble.

Another common identity theft scam targeting seniors involves Medicare fraud, particularly relevant due to seniors' reliance on Medicare benefits. In this scam, perpetrators pose as Medicare representatives and contact seniors, claiming they need to issue a new Medicare card or update their current information. They might say this is necessary due to policy changes, system updates, or as part of routine verification processes.

The scammer then requests personal information, such as your Medicare number, Social Security number, date of birth, or even banking information, under the guise of verifying your identity or ensuring the continuation of your benefits. In some cases, the scammer may also offer unnecessary services for a fee, which are not actually covered by Medicare, to obtain credit card information.

This information can then be used for various forms of identity theft, including opening new credit accounts, medical identity theft (where the scammer uses the senior's information to receive medical services or goods), or direct financial theft from the senior's bank accounts.

You can protect yourself by being aware that legitimate Medicare representatives will never call to ask for sensitive personal information over the phone. If you are contacted by someone claiming to be from Medicare, the best thing you can do is hang up and call Medicare directly using the number found on the official Medicare.gov website or on the back of their Medicare card to verify any claims made.

Financial Fraud

This includes unauthorized transactions, investment scams, and fake charity donations. Seniors may be particularly vulnerable to schemes that promise high returns or appeal to their generosity. In 2022, a significant case of financial fraud involved Publishers Clearing House (PCH). The Federal Trade Commission (FTC) charged PCH with using deceptive tactics, misleading people about how to enter sweepstakes drawings and making them believe they needed to purchase something to increase their chances of winning. This led to PCH turning over $18.5 million to the FTC for customer refunds. This case highlighted the broader issue of financial fraud against older adults, who, according to the FTC, reported losing more than $1.6 billion to various scams in the same year. This included substantial losses to investment scams, many of which involved fake cryptocurrency investment opportunities that specifically targeted older individuals on social media.

Tech Support Scams

Scammers pose as tech support from well-known companies to gain remote access to your computer, often leading to financial theft or malware installation. According to the FTC, consumers lost $159 million in tech support scams in 2022. A tech support scam often begins with an unsolicited call, message, or pop-up warning on your computer. The scammer might claim to be a computer technician from a well-known company like Microsoft or Apple, telling you that they've detected viruses or other malware on your computer. They may ask for remote access to your computer to "fix" the problem, or they might insist that you need to purchase new software immediately. These scammers aim to sell you unnecessary services, steal your credit card information, or install malware on your computer to gain access to your personal information.

To avoid tech support scams, be wary of unexpected phone calls or messages about computer problems. Legitimate companies do not contact individuals in this manner to inform them of malware on their devices. Additionally, real security warnings will never ask you to call a phone number. If you encounter a pop-up warning on your computer urging you to call for tech support, it is most likely a scam. Instead of responding to these unsolicited communications, if you suspect there is a problem with your computer, update your computer’s security software and run a scan. For any tech support, contact a business or person that you know and trust directly.

Social Engineering

This involves manipulating individuals to divulge confidential information. Seniors may be more susceptible to these tactics, especially when the scammer poses as an authority figure or a loved one in need. A common social engineering scam targeting seniors is the "grandparent scam." In this scenario, the scammer calls an older individual, often pretending to be a grandchild in a financial emergency, such as needing money for overdue rent or car repairs. The scammer manipulates your emotions, urging you not to tell anyone and to send money quickly, usually via gift cards or money transfers, making recovery of the funds difficult​. One of the authors (Ashley) has been the target of this scam many times. In one instance, she received an email from a fellow ABA member claiming to have been on vacation overseas with family when her wallet was stolen and needing some money to get back to the States and get sorted. In other instances, Ashley has gotten text messages and sometimes emails purporting to be the owner of the company she works for, and claiming she needs to run out and buy multiple $100 gift cards for clients the owner is meeting with and send the gift card codes to that number directly. None of the scams have been successful in fooling Ashley thus far.

To avoid the Grandparent Scam and other social engineering scams, maintain skepticism towards unexpected calls or messages claiming to be from “relatives in crisis.” Always verify the caller's identity by asking questions a stranger couldn't answer or by contacting the family member directly through a known number. Additionally, be cautious with personal information and never make payments, especially via gift cards or wire transfers, based on unsolicited requests. If helpful, you can give your grandchild a code word if they are ever in trouble and need assistance.

You must stay vigilant and skeptical to protect yourself and teach loved ones to do the same. Efforts are being made around the globe to combat these scams, but it is far from enough. In 2022, INTERPOL conducted Operation First Light, targeting social engineering fraud globally. The operation resulted in the arrest of around 2,000 individuals and the freezing of 4,000 bank accounts, with about USD 50 million in illicit funds intercepted. This operation focused on various scams, including telecommunication fraud, romance scams, email deception, and associated financial crimes, highlighting the sophisticated methods scammers use to exploit victims​.

As technology evolves, so do the tactics of scammers targeting the elderly. From phishing schemes and identity theft to tech support fraud and social engineering scams, seniors face a myriad of threats. Staying informed, skeptical, and verifying information through official channels are crucial steps in protecting your financial security and well-being now and in the future.

    Authors