October is Cybersecurity Awareness Month, and I wanted to take this opportunity to raise awareness about a topic near and dear to my heart – keeping seniors safe in a digital world.
Scammers know that senior citizens tend to be less technically savvy and often have ready access to cash. They are vulnerable, it’s abhorrent that criminals are taking advantage of them, and we all play a role in protecting them.
Most corporations today have mandatory training to educate employees on social engineering and other types of scams and how to recognize and avoid falling victim to them. Our vulnerable elderly population is not getting training like this, and these scammers are taking advantage. Please help keep them safe. Communicate, educate, touch base often, and help set up their systems with software and settings that will prevent fraud.
This month, we’re sharing a handful of ThreatX security pro’s top tips for keeping seniors safe – both what you should tell them, and what you — their friend, loved one, or caretaker — should do or set up on their system. This is by no means comprehensive, but it’s a good start.
What to tell them: Don’t click links, and always check URLs.
What you can do: Install anti-virus software and enable automatic updates.
Scammers are very good at convincing people, even tech-savvy ones, to click links. Reinforce to the seniors in your life that, in most cases, they should not click on links in emails — only if they are 100 percent sure it’s from a trusted source.
Also share they should not fill out any forms or give any information online before looking over the website. Does it seem professional? Are there misspellings? Are there several ways to reach the company in the Contact Us section? Check out the URL – if it looks odd in any way – unusually long, misspelled – leave the site.
Finally, make sure seniors’ computers have anti-virus software installed, and enable automatic updates so they’ll get security updates in a timely fashion.
What to tell them: If a family member calls or emails asking for help and money, ignore or hang up and ask another family member to verify.
What you can do: Set up caller ID and add their number to National Do-Not-Call list.
I wrote a blog post about this scam recently. I know someone who fell for this scam – it’s a very convincing ploy that is hard to ignore and designed to use your love for and desire to protect your family. Please explain to vulnerable seniors in your life that if they get a call or email asking for help – even if it sounds very real, they are concerned, or are worried about being rude or impolite – hang up the phone or ignore the email and call a family member to verify.
Make sure the seniors in your life have caller ID and it can’t hurt to add their number to the Do-Not-Call list.
What to tell them: Don’t click on pop-up messages about tech support.
What you can do: Download pop-up blockers.
Explain to seniors that Apple, Microsoft, etc. will not contact them directly about computer updates or problems – and certainly not with pop-ups.
You can install pop-up blockers on their system for added protection.
What to tell them: A government agency or bank will never ask for your personal info or demand payment. Hang up the phone or ignore the email.
What you can do: Install anti-virus software, enable automatic updates, set up caller ID, add their number to National Do-Not-Call list.
This is a really popular scam that plays on fear and people wanting to follow the rules and do the right thing. Explain to seniors that the IRS or their bank will never reach out with extreme urgency. If there were an issue, they would most likely get a non-urgent letter in the mail. And explain that banks and government agencies will never ask for payment or personal information over the phone or email. Again, reassure them that it’s OK to be impolite or rude in these situations – hang up or ignore.
What to tell them: Don’t accept friend requests on social media from someone you don’t know. Don’t respond to messages on social media from people you do know, but that seem out of character.
What you can do: Make sure social media accounts are private and the privacy settings are enabled.
A lot of seniors enjoy connecting with friends and family on social media today, but they are also increasingly targets of scammers in this environment. Help them understand that there is a lot of misinformation and scams on social media and not to click on anything. Tell them to be very careful and selective in what they post and comment on. Only comment on posts from known connections.
Remind them to think twice about accepting friend requests or responding to private messages – do you know this person? Are you already friends with that person but getting a new friend request from them? Would this friend typically send you a message with this tone and content?
Finally, take a look at their accounts and make sure they are private and that their privacy settings are set up properly.
What to tell them: Don’t re-use passwords or use passwords that contain personal information.
What you can do: Set up a password manager.
This is a big one for us here at ThreatX since we spend a good amount of our time identifying and blocking credential stuffing attacks for our customers. These attacks are the result of people re-using passwords across various sites.
Explain to seniors that they can’t use very simple passwords or passwords that contain personal information like their name, birthdate, etc. And remind them that they need different passwords for each site or service.
Here are some good tips from Google:
Long passwords are stronger, so make your password at least 12 characters long. These tips can help you create longer passwords that are easier to remember. Try to use:
- A lyric from a song or poem
- A meaningful quote from a movie or speech
- A passage from a book
- A series of words that are meaningful to you
- An abbreviation: Make a password from the first letter of each word in a sentence
Protecting the most vulnerable
Again, this list is just a start. Bottom line: Helping seniors understand the threats and think twice before taking any action online is the most important step.
It’s all about increasing awareness in this very vulnerable population. And Cybersecurity Awareness Month is a good time to start.