It’s no secret that seniors are a prime target for cyber scammers. These scams can be costly and can often lead to identity theft. Older adults lose around 3 billion US dollars annually to financial scams. According to various reports, the older you are, the higher the damage you incur.
Phishing scams are not limited to only financial frauds. There is online identity theft, romance scams, online shopping scams, tech support scams, and more! Unfortunately, these scams can be difficult to detect, as scammers often use techniques to make their messages seem legitimate. However, there are some simple ways to stop old people scams.
This blog post will discuss key ways to identify and prevent phishing and vishing scams from happening to you or your senior loved ones. Stay safe out there!
What is Phishing?
Phishing is a technique cyber criminals use to try and steal your personal information. They do it by sending you fake emails that look like they are from a legitimate company, like your workplace, bank or credit card provider. For example, they may send you an email that looks like it’s from your bank asking you to click on a link or provide personal information.
How does Phishing work?
The goal of phishing is to trick you into providing your personal information, such as your account password, Social Security number, or credit card details. They use fake emails or websites are used to lure people into revealing sensitive information. They also do phone phishing by calling from random numbers and trying to collect information during the conversation. While there are many types of phishing scams, they all share one common goal – to steal your identity or money. If you’re not careful enough, you can easily become a victim of Phishing.
Some Common Examples of Phishing
The most common types of Phishing are explained below:
Deceptive Phishing has been the most common phishing scam since the 1990s. It is an email scam where attackers try to steal victims’ confidential, personal information, or login details. They do it by impersonating an organization or person and sending emails with deceptive links. For example, a fake email from your bank asks you to click on a link and verify your account details.
In spear phishing, scammers target specific individuals instead of targeting a group of people. As a result, these attacks are more customized and harder to trace. Attackers do thorough research on the victim’s social media, workplace, and other personal activities, then use those against them to appear more authentic then trick victims into providing personal data.
According to SANS Institute, 95% of the attacks on corporate networks are the result of successful spear phishing. Example: Someone asking you to fill out ”a new employee handbook”.
Whaling is the method of going after CEOs or executives of an organization. Scammers steal their login credentials and access sensitive company information. Your reporting officer or a senior executive asking you to make a payment or pass some confidential data urgently can be an example of whaling.
In Pharming, attackers manipulate a website’s traffic or infect its DNS server to redirect users toward a fraudulent site. For example, you are trying to do an online banking transaction, but when you open the bank’s original website, it directs you to a different domain.
What Is Vishing?
As mentioned earlier, vishing attacks are a type of phishing scam where scammers make shady phone calls or leave voice messages to steal financial or personal information from people. It is also referred to as voice phishing. In vishing, attackers often call impersonate a bank employee, policeman, or government officials. They use persuasive language and tone to lure victims into sharing sensitive information.
Phishing vs. Vishing vs. Smishing: What’s the Difference?
Though vishing and smishing fall under the umbrella of Phishing, they share some subtle differences. Phishing, vishing, and smishing attacks have the same motto of stealing financial or personal information, but the communication medium is different in each. Phishing scams are primarily email attacks, while in vishing, attackers use phone calls or voice messages to steal information, and smishing is scamming through text messages.
Why are Seniors more Susceptible to phishing scams?
It is sad but true that older adults are one of the main victim groups of phishing scams. Though they might not outnumber the younger victims, the losses are way higher for seniors. The most vulnerable groups are people in their 80s. They can incur individual losses up to $1700 on average, which is four times higher than victims within the age range of 20-30.
Now let’s have a look at the reasons behind these phishing scams against elderly citizens:
- Older people are perceived to be wealthier than younger ones.
- Reports suggest seniors are less likely to report phishing scams.
- Senior citizens may lack knowledge of digital security or different technologies.
- They come from a more trustworthy and polite generation.
- Seniors suffer from various health issues, like Alzheimer’s or disabilities, making them more vulnerable to phishing scams.
- Many older adults lose their independence and rely on others to perform daily tasks. Unfortunately, scammers take advantage of their vulnerability.
- Very often, seniors are left alone at home or senior care facilities, leading to social isolation. So, they might remain unaware of such crimes.
How do you avoid phishing scams?
So, how can you tell if an email, phone call, or text message is really from a company or if it’s just part of a phishing scam? We have got some tips for you on ways to stop old people scams!
- Use security software to protect your PC, and enable auto-update.
- Enable multi-factor authentication on your devices and across all social media accounts.
- Create a backup for all data and files on external cloud storage or hard drive.
- Use passcode, fingerprints, or face recognition options to prevent scammers from accessing your devices.
- Enable the call recording system on your phone and record any suspicious conversation.
- Stay informed about the latest phishing scams, and keep your friends and family updated as well.
- Work on your impulses and avoid clicking any suspicious links without verifying the authenticity of the source.
- Use browsers with anti-phishing toolbars.
- Install extensions to block auto pop-ups and redirections.
- Never share personal information or credentials over the phone or the internet.
What to do if you’re a Victim of a Phishing or Vishing Attack?
Do not panic if an unfortunate incident happens and you think you have been exposed to phishing scams, do not panic. There are ways to prevent, recover or minimize your damage. Below are some steps you can take to protect yourself if you have become a victim of phishing or vishing attacks.
The first thing one should do after becoming a phishing or vishing scam victim is to change their passwords and log out from all connected devices. Even if you have different passwords for different accounts, it is best to change those credentials as well.
Disconnect your device and contact IT Support
If your work computer is under a phishing attack, you should immediately disconnect the device from its home network and Wi-Fi. After that, contact IT support to let them know about the incident and follow their instructions. You may also inform the company personnel and check if any sensitive information was compromised.
Scan your devices for viruses
In case you have downloaded a suspicious attachment or clicked on an affected link, scan your device for potential viruses and malware. If you don’t know how to run scans or use anti-virus software, ask for help from a family member or an expert.
Report to IdentityTheft.gov Website
If you suspect the scammer has information such as your social security number, bank account details, etc., visit IdentityTheft.gov. There you will find specific steps that you need to take based on the data you lost.
Report to FTC (Federal Trade Commission)
Another step that can be taken is to report to the Federal Trade Commission (FTC). They can guide you through the process of verifying whether your personal information was stolen or not.
Report to Anti-Phishing Working Group
Anti-Phishing Working Group has a database of verified credentials that are used in Phishing. They can analyze and detect the culprits if you share your experience and details of the suspected scam.
Report to Local Police Station
If you have been a victim of phishing or vishing scams, reporting to your local police station could be a good idea. If you have already incurred financial or identity damages, they can help you trace the scammer and recover the loss.
Stay calm and vigilant against future scams
It is important to stay calm after a phishing or vishing attack. Call a trusted friend or family member if you have anxiety or panic attacks. Once you have overcome the initial shock, report the incident to the appropriate authorities and stay extra careful about future scams.
Falling victim to phishing or vishing scams can happen to anyone. There is nothing to be ashamed of about it. However, if your elderly loved one is introverted or shy, they might not share any potential scams they have been a victim of. That is why it is important to talk about these online crimes and keep them informed about prevention techniques. Stay alert and look out for each other.
Sign up to BoomersHub’s email list to get such great content and tips related to making seniors’ lives easier. Call +(877) 409-0666 or email email@example.com for any information or help related to seniors or senior living.
FAQs related to Phishing and Vishing Scams
What do I do if my elderly parent is being scammed?
If your elderly parent is being scammed, you can report it to your local police or Adult Protective Services. Also, if they have been a victim of phishing or fishing scams, immediately change their credentials and scan all devices for viruses.
Does the FBI investigate elder abuse?
Yes. FBI investigates elder abuse. Their Internet Crime Complaint Center investigates all kinds of online frauds.
Is scamming a federal crime?
Yes. Scamming or wire fraud are federal crimes. In the United States, a person can face up to 10 years in federal prison, depending on the nature and type of scam.
Why do fraudsters often target the elderly?
Older people are often deemed as a vulnerable group due to their physical and mental shortcomings due to age or related factors. That is one reason why fraudsters make them their target. Besides, senior citizens are less likely to report Phishing or any form of scams. That also encourages attackers to exploit them.
What to do if a senior is being scammed?
If a senior is being scammed, report to the Federal Trade Commission (FTC) and Adult Protective Services (APS) to inform them about the fraud. They will investigate the matter and provide instructions you may need to follow.
Is scamming the elderly illegal?
Scamming the elderly is illegal and a punishable offense. Fraudsters can face fines or jail time depending on the nature of the scam.
Which act is considered financial abuse of an elder?
Acts that are considered financial abuse of an elder under the Federal Elder Justice Act, 2010:
- Illegal or improper use of money or property of an elderly or a person with a disability.
- Theft, misappropriation, concealment, misuse, or fraudulent deprivation of finances or properties belonging to an older adult or disabled individual.
How to stop phishing emails?
To stop phishing emails, install security software and an anti-virus system on your devices. Protect your social media information and keep the privacy to ‘only me’ for email addresses or phone numbers. Also, add extensions on your browser to block unnecessary pop-ups.
What is vishing in cyber security?
Vishing is also referred to as voice fraud in cyber security, where scammers use voice calls or phone calls to persuade people to share sensitive information.
What is the difference between vishing and smishing?
The main difference between these two types of Phishing is that in smishing, victims receive fraudulent text messages, while in vishing, they get fraudulent phone calls. Example: can’t talk text me a scam, or getting a call saying you have won a prize and need to share your account details to avail the money.