Online communication has made it easier than ever to stay connected, manage finances, and access important services. At the same time, it has also created new opportunities for scams, including widely popular “phishing email” scams. For many families, understanding how phishing scams work (and what to look for) can build confidence when navigating online correspondence.
Why Older Adults May Be at Heightened Risk of Financial Scams
Cybercriminals, hackers, and other bad actors may target older adults online for a few key reasons, including:
- The scammers believe (whether it is true or not) that older people have a retirement nest egg and receive regular benefits.
- The scammers hope the older adults are experiencing age-related cognitive decline or cognitive impairment seen with conditions like dementia.
What is a Phishing Email?
A phishing email appears to come from a respected source, such as a government agency. The email encourages the recipient to share sensitive data (e.g., credit card numbers) or take actions that install malware, such as downloading attachments or clicking links.
Cybercriminals who use phishing tactics are known as “phishers.”
How to Spot a Phishing Scam
There are several signs that an email account may not be from a legitimate company:
- The email uses alarmist messaging, such as “act now.”
- The sender’s email domain name looks unusual or slightly different from the official one.
- The message contains links to fake websites or other places that are not the official website.
- There are misspellings or grammatical errors in the header or the body of the email.
- The message asks for sensitive information, including login credentials to bank accounts, credit card information, or Social Security numbers.
- Links or attachments lack clear explanations.
- The suspicious email opens with generic greetings.
Other Common Senior Scams
While phishing emails are common, they aren’t the only scams older adults may encounter online. Other popular scams include:
- Phone scams impersonating government agencies or utility companies.
- Tech support scams claiming there is an issue with a computer.
- Lottery or prize scams requesting payment to claim winnings.
- Romance scams that build trust over time before asking for money.
- Grandparent scams in which someone pretends to be a relative in need, sometimes “spoofing” the loved one’s phone number to appear legitimate.
How to Protect an Older Loved One from Phishing Attacks
Simple habits can help people better spot and avoid possible phishing messages:
1. Pausing
Many common scams try to create a sense of urgency or fear to spur immediate action. Taking a moment before responding to an email, phone call, or text message can help mitigate the pressure of attacks designed to create a feeling of urgency.
2. Verifying
People can verify requests from suspicious sources by contacting the company directly. The official company’s website should contain legitimate contact information.
3. Not Clicking or Downloading
Not clicking links or downloading attachments from unknown sources may help reduce the risk of malware and virus infections.
4. Keeping Sensitive Information Private
Keeping personal and financial information, such as bank account numbers, private online and offline reduces opportunities for bad actors to get sensitive information.
5. Communicating
Talking openly with loved ones about suspicious messages and experiences helps get second opinions and raise awareness of possible financial scams.
6. Reporting Suspicious Behavior
Knowing where and how to report phishing attacks means the proper authorities can launch official investigations and develop strategies to help protect other potential victims.
One place to report any suspicious online behavior is the FBI’s Internet Crime Complaint Center (IC3). For phishing attacks, specifically, it’s possible to flag individual suspicious emails in the following ways:
- To report suspected Gmail phishing: In the email chain, people can click the “More” option, then hit the “Report phishing” option.
- To report suspected Microsoft Outlook phishing: People can select the “Report Message” button in the web browser version and the “Report Junk” button on mobile.
- To report suspected Yahoo phishing: People can select the email, then click the button that says “Spam” or click the three dots. Then, they can select the “Report Phishing” option.
7. Installing Email Security Measures
Installing multi-factor authentication (MFA) on online accounts adds another layer of protection against cybercrimes like identity theft and phishing. MFA means that, in order to access an online account, someone needs to verify their identity in two or more ways, such as with login credentials and by text message.
FAQs
What are common red flags of a phishing email?
Common red flags of a phishing email may include:
- Urgent language
- Unexpected requests for personal information
- Unfamiliar sender addresses
- Links or attachments that are not clearly explained
What are the 4 Ps of phishing?
The “4 Ps of phishing” often refer to four common tactics used in phishing attempts:
- Pretending (impersonating a trusted source)
- Provoking (creating urgency or fear)
- Persuading (encouraging quick action)
- Planting (including malicious links or attachments)
How can someone tell if an email link is safe or a phishing attempt?
One way to check potentially malicious email links is to hover over the hyperlinked text to see the full web address before clicking. If the link looks unfamiliar, shortened, or does not match the company it claims to represent, it may be best to avoid interacting with it and verify through another source.
Protecting Loved Ones Online
Scams may change, but they still often rely on similar tactics that people can recognize over time. Knowing how to spot phishing emails and taking a moment to verify unexpected messages can help people of all ages reduce uncertainty when navigating online communication.
Disclaimers: This article is for informational purposes only. It does not constitute legal, healthcare, or financial advice, expressed or implied.