One in six people will be aged 60 or over by 2030, according to the World Health Organization (WHO). Not only does the world have an aging population, but the Pew Research Center found that over 75 percent of US adults aged 65+ are using the internet. An increasing number of senior citizens are online in Europe too, with the European Commission reporting internet usage of 59.2% among individuals aged between 65 and 74.
Cybersecurity threats are on the rise, too. From phishing attempts to social engineering attacks, the internet presents very real threats, particularly to those who may not be aware of the risks. Whether you’re a senior looking to understand better how you can protect yourself online, or you have a parent or grandparent you’d like to prevent becoming a victim, we give you the online safety tips that make a difference.
Online threats seniors should know about
An increasing number of seniors go online for shopping, banking, or simply staying in touch with family and friends. This fact has not escaped the attention of scammers who target older adults, some of whom may not be as familiar with newer tech. According to the FBI’s Internet Crime Report, Americans over the age of 60 lost nearly USD $5 billion to online fraud in 2024 alone.
Knowing what to look out for is half the battle. Here are some of the most common online threats affecting seniors today:
1. Phishing emails and texts
Phishing is when scammers send fake emails, text messages, or even messages on social media pretending to be legitimate and reputable sources. For example: a bank, delivery service, or government agency. Such messages often contain urgent language designed to provoke a panicked response.
The phishing message will ask the recipient to click on a link or provide personal information. Doing so can lead to fake websites that ask for sensitive personal data such as login credentials, credit card details, or even a Social Security number. With some phishing scams, just clicking on a link can trigger a malware download.
2. Fake websites
Fake websites often mimic trusted ones, from online stores or banks to healthcare providers. Their purpose is to mislead users into entering sensitive information, making purchases, or downloading malware. Interacting with a malicious website can result in your personal data being stolen or your device being infected.
Often, a fake website is almost identical to the legitimate site it’s impersonating, with only very small changes. For example, it will have a slightly altered URL. It could be that the site has a different extension, such as .net instead of .com, or they use the number “0” instead of the letter “O”.
3. Tech support scams
A tech support scam typically starts with a phone call, email, or a sudden pop-up message. This typically says that your device has a virus or technical issue and provides a number to call for supposed technical support. The risk is in calling the number provided or simply clicking on a link or pop-up that could give scammers remote access to your device.
Scammers often pretend to be from reputable companies such as Microsoft or Apple, often insisting they need remote access to a device to “fix” the problem. If scammers are given access to a device, they may install malicious software, steal files, or demand a fee for repairs that weren’t needed in the first place. In some cases, scammers may lock a device entirely and demand a ransom to restore it.
4. Romance and friendship scams
Romance and friendship scams target individuals by pretending to be a potential romantic partner or friend. Through dating apps, social media sites, and messaging apps, initial conversation is typically friendly. The scammer may be overly affectionate and share fake personal stories in an effort to build trust. This can take place over weeks or even months.
Once a relationship has been established, a romance scammer starts asking for money. The scammer will often cite a personal emergency or trick the victim into thinking they need travel funds to visit them. Highly manipulative, online dating scams can take a toll emotionally and financially with victims often reluctant to believe the relationship isn’t real.
5. Password and account hacks
Stolen or guessed passwords can lead to criminals gaining access to online accounts. Using the same password across multiple sites means that a data breach can lead to more sensitive accounts becoming compromised, such as email or banking.
Once a scammer has control of an account, they may change passwords to lock the owner out. They may also send scam messages to the victim’s contacts or gain access to stored personal or financial information. Sometimes, such attacks take place following large data leaks after which thousands of usernames and passwords are sold on the dark web.
6. Malware and ransomware
Malware is malicious software that damages or takes control of a device. It can be distributed in multiple ways including suspicious links, email attachments, or shady downloads. Once installed, malware can monitor a user’s activity, steal information, and disrupt a system.
Ransomware is a specific type of malware that locks files or a device and demands payment to reverse the change. The ransom payments demanded can range from a few hundred to thousands of dollars. Even if the ransom is paid, there’s no guarantee that scammers will restore the stolen data.
More articles for seniors:
Online safety tips for seniors
All of the above is indeed scary, but the good news is that staying safe online doesn’t require you to be a tech expert. Just a few simple habits can help protect anyone – senior citizens included – from the most common threats.
Use strong, unique passwords
It’s important to avoid using the same password for every website. The reason for this is that if that password is stolen, then all accounts are at risk of being compromised. A strong password is unique to one website and contains a mix of letters, numbers, and symbols. There should be no obvious details such as a birthdate or a pet’s name.
Most people have dozens of online accounts, so it’s impossible to remember so many strong and unique passwords. It’s therefore a good idea to use a quality password manager. This is a secure place to store not only passwords but credit card details and notes. You’ll only need to memorize one master password to access them.
Think before you click
Many online scams start with just a single click. This may be a link, an attachment, or a button in a message. That’s why it’s so important to think before you click. Scammers often send emails or text messages that look like they’re from trusted sources such as your bank. Be careful with unexpected communications and pop-ups like this, especially if they seem urgent or ask for personal information.
Scammers try to trick you into clicking dangerous links or opening fake websites that look real. Their aim is to steal your information or install malicious software on your device. If you receive a message from a seemingly trustworthy source such as your bank, then don’t click on any links within it. Instead, go to their website directly or contact them via official sources to verify the message’s legitimacy.
Keep devices and software updated
Keeping computers, smartphones, and apps up to date is one of the easiest and most effective ways to stay safe online. Not all updates are just about adding new features either. In fact, they often patch critical security problems that cybercriminals try to exploit. Failing to install them may leave devices vulnerable to viruses and online attacks.
Most updates are released automatically by companies like Microsoft, Apple, and Google. Your device may ask to restart or approve the update. Whether it’s your operating system, antivirus software, browser, or an email or banking app, it’s important to do this as soon as you can to stay protected. Where possible, enable automatic updates if you haven’t already.
Use a reputable antivirus
Antivirus software adds an essential layer of protection by scanning for viruses and malware. A quality antivirus will detect and block these threats before they can do any harm, often without you having to do anything at all.
Windows devices typically come with Microsoft Defender pre-installed, which is enough for most people’s needs. However, there are reputable paid options such as TotalAV and Norton 360, both of which add additional security features as well as customer support.
Be wary of pop-ups that claim to be antivirus programs. Many of them are scams. If you’re ever unsure, ask someone you trust to check. Remember, even the best antivirus is no replacement for common sense.
Use a VPN on public wifi
Using the internet on public wifi, such as in a cafe or at an airport, can put your information at risk. Many of these wifi networks lack security, which is where a Virtual Private Network (VPN) can help. A VPN creates a secure, private connection between your device and the internet. This hides your activity from others on the same network.
There are many VPN services to choose from. We don’t recommend free VPNs that often lack the security required to keep data safe. The best VPNs, such as NordVPN and Surfshark, are not only secure, but easy to set up and use. They provide 24/7 support and even extra security features such as a password manager or antivirus.
Hang up on “tech support” calls
Calls from people who claim to work for Microsoft or Apple are usually scams. They’ll claim there’s something wrong with your device in order to obtain remote access or to get you to pay for a fake repair. These scams can often sound very convincing, especially if the person knows your name or other details. It’s best to hang up on these calls.
Sometimes, you might see a pop-up on your screen warning of a security threat and urging you to call a number. This is also a scam. Real tech companies don’t call people unexpectedly and they don’t post phone numbers in warning messages. If you do see such a pop-up, it’s best to close it or simply turn your device off and ask a trusted family member or friend for help. Avoid giving personal information or remote access to someone who contacts you unexpectedly.
Turn on two-factor authentication
Two-factor authentication, or 2FA for short, adds an extra step when you log into a website. So instead of just entering your password, you’ll also receive a unique code by email, text message, or authentication app. Even if someone were to find out your password, it would be much harder for them to access your accounts because they’d also need to provide this second factor of authentication.
Many websites now offer 2FA in their settings. It may seem like a hassle at first but setting up 2FA on your accounts doesn’t take long and significantly increases account security. This is all the more important on accounts with sensitive information such as email, banking, and social media.
Shop on secure, trusted websites
Although online shopping is generally convenient and safe, stick to websites you trust. Scammers have been known to set up fake online stores, offering popular items at heavily discounted prices. The aim is of course to trick people into entering credit card details or making payments for products that never arrive.
Before buying anything online, make sure the website’s address starts with https:// – the “s” stands for secure. Depending on the browser you use, you should also be able to see a padlock symbol in the address bar. This means that your connection is encrypted and your data secure. Avoid shopping through pop-up ads or unfamiliar links from emails or social media. If anything sounds too good to be true, it probably is.
Don’t overshare on social media
It’s only natural to want to share moments of your life, be it photos or family news. The unfortunate reality is that personal information such as this can be used by scammers to guess your passwords, trick you with targeted scams, or impersonate you. Posting something such as your pets names or travel plans may seem harmless but they’re the kinds of clues criminals look for.
You can still stay connected with family and friends but it’s best to keep your social media accounts private when possible, limiting the information that strangers can see. Be selective about what you post publicly too.
Log out when you’re done
If you use shared or public computers, remember to log out of your accounts when you’re done. Closing the browser window doesn’t always end your session and someone could simply reopen the page or recently closed tabs and see your personal information.
Most websites make it easy enough to end your session with a clear “log out” or “sign out” button. If you use a password manager to store your login credentials, there’s no reason not to sign out of accounts because signing back in is so quick and convenient, provided there’s an autofill feature.
Ask for help
Don’t be afraid to ask for help as and when you need it. Scams can and do trick anyone of any age, and can do so quickly. They often use pressure or confusion in order to make you act fast. If something doesn’t feel quite right, whether that’s a strange message or a confusing website, don’t take any immediate action and instead talk to someone you trust.
Even the most tech-savvy people can get caught out by online scams. It’s only by taking the above measures and by reaching out for help that we can all stay one step ahead.
Safety tips for seniors: FAQs
Are pop-up warnings about viruses real?
No, most pop-up warnings about viruses are usually scams. Their aim is to scare you into calling a fake tech support number, downloading harmful software, or allowing remote access to your device. Your best bet is to close the pop-up, restart your computer, and not call the number shown. It’s also a good idea to run an antivirus scan to make sure no malware has already made its way onto your device.
How can I tell if a website is safe for shopping?
Checking if a website is safe for shopping is straightforward enough. Look for a padlock symbol in the browser bar and check the website address starts with https://. Note that this is still no guarantee with an increasing number of phishing sites now using SSL. It’s also good practice to stick with retailers that you know and trust. Deals from unfamiliar sites that seem too good to be true are best avoided.
Is it safe to use public wifi at places like cafes and libraries?
You can safely use public wifi but to do so, it’s best not to access sensitive accounts such as online banking, or enter personal information. If you do need to do so, it’s important to secure your connection by using a VPN. This encrypts the data traveling to and from your device so that those with malicious intentions can’t intercept it.
What should I do if I clicked on a scam link?
First thing’s first, don’t panic. Immediately close your browser before running a full antivirus scan. If you provided any passwords to the scam, be sure to change them straight away. This prevents scammers from taking advantage of them and stealing your data or locking you out of your accounts. If any financial information was given out, contact your bank or card provider.
Should I write down my passwords?
It’s okay to write down passwords as long as they’re stored in a safe place. However, a password manager can store all of your login credentials securely. It will help you generate strong and unique passwords for all of your online accounts. Autosave and autofill features make creating new credentials and filling in forms quick and easy. All you’ll need to remember is your master password.