Security tips for cyber-savvy senior citizens

The digital revolution has changed the world in mere decades, and it’s no exaggeration to say that some of us have watched what used to be science fiction become a reality in our lifetimes. The ability to:

  • instantly stay in touch with friends and family anywhere in the world,
  • keep up with international and local events on social media and news platforms,
  • manage our banking, payments and business processes online,
  • have our insurance and emergency response providers notified immediately if we’re in an accident, and
  • shop for what we need, when we need it, and have it delivered wherever we want.

These are just a few examples of the digital convenience available to us all, no matter how young or old we might be.

Sadly, criminals of all ages also keep up with changing technology, and the digital revolution has provided fraudsters, scammers and confidence tricksters with millions of new targets.

For reasons we’ll explain shortly, senior citizens can be particularly vulnerable to cybercriminals who use social engineering to reel in their victims. Social engineering is the practice of playing on emotions like fear, curiosity and compassion, along with the universal need for social acceptance, to manipulate you into thinking and doing what the con artist wants you to. It’s important that you learn to protect yourself against scams so that you can enjoy the digital convenience offered by desktops, laptops and mobile devices safely.

Why older people can make easy targets

Broadly speaking, anyone born after the mid-1970s has grown up with increasing levels of computer and cellphone technology woven into the fabric of their daily lives. Information technology is not something new they have had to learn to use as adults – it's something that they’ve adapted to as part of their natural development, like tying your shoes or learning to eat with a knife and fork.

For anyone born before the 1970s, however, Arthur C Clarke’s famous quote ‘Any sufficiently advanced technology is indistinguishable from magic’ has never been truer. If you’re from the generation before digital connectivity took off, computers and mobile devices are not tools that you’ve been using since childhood. They’re a kind of magic controlled by ‘those IT experts’, and it’s easy to be so intimidated by them that you don’t even try to learn how they work.

This generation is more vulnerable because online fraudsters prey on qualities shared by many older users:

The fear of technology you don’t fully understand. If you don’t know the difference between a website, an app and a platform, or a text, an email and an attachment, it’s easier for criminals to bamboozle you with false warnings about ‘problems’ they claim to have discovered in your system, using lots of technical terms you don’t understand, to trick you into giving them sensitive information like usernames and passwords.

Regular, predictable income payments. In many communities, grant recipients and pensioners may be among the few residents who receive a regular monthly income. Criminals know this, and they also know payment dates. Every month, they prey on pensioners at ATMs or via phone scams as soon as their grants are paid.

Respect for authority and institutions. Again, generally speaking, senior citizens are more likely to have been raised to treat authorities and institutions like banks, insurance companies and the South African Revenue Service, with respect. This makes them an easier target for scams that pretend to be from an authority, threatening them with legal penalties. If they panic and comply without checking the authenticity of the ‘authority’, they could become a victim.

Politeness and compassion. A long life can teach you that everyone deserves respect and dignity, and that we should help others whenever we can. Ironically, these values can make you more vulnerable to cybercrime. When you get a call or email from someone spinning a confusing tale, politeness can make you respond, if only to work out what they’re talking about. In doing so, you could be giving a criminal information about your identity that helps them defraud you. In the ‘grandparent scam, a cryptic message about a family member or an employee who urgently needs money could see your compassion overriding your common sense, making you an easy target.

Loneliness. All too often, older people find themselves living isolated lives. Their grown-up children are off raising their own families, and their spouse and most of their friends have passed on – this can be a very lonely life stage. The need for human contact is perfectly natural, but it can make you more receptive to engaging with strangers, even when you suspect they’re trying to sell you something. What you may think is a casual conversation about your circumstances could be a criminal subjecting you to social engineering; capturing personal details that they can use to access your accounts.

Need for financial security. Older people always worry about whether the income or the capital they have will sustain them for the rest of their lives. Cyber criminals use this against them by promising guarantees and unrealistic investment returns to gain access to their information.

Common cyberscams

Most online scams try to steal your information so that criminals can impersonate you. If they can obtain your personal details, they might be able to transfer money from your accounts, or open accounts and apply for credit in your name. They may try to get you to reveal this information in voice calls, texts or emails.

A common trick is to call and claim to be from a computer support helpdesk, saying they need to fix a critical bug on your system and asking for your login details. Or they will talk you through a ‘repair’ process that allows them to download and install software that gives them access to your device. They can then spy on all your digital activity, including recording your keystrokes to capture your usernames and passwords.

Another popular tactic is to pretend to be calling from your bank, claiming that a large withdrawal or debit order is being processed from your account and asking you to reveal or change your login details to details that they give you. Or a scammer might send you fake texts and emails pretending to be from your bank or another service provider, with a false ‘click here’ link. Instead of connecting you to the official site, however, this link will take you to the fraudster’s lookalike site, where they can capture your login details. Or worse, clicking on a scam link could download malicious software to your device, giving the hacker access to all your banking, messaging and social media information.

How to avoid becoming a victim

Trust nobody.

Do not accept any unexpected communications at face value, no matter how real they seem.

Hover your mouse over the sender’s address, or any links in an email – the true addresses will appear, which often makes a scam immediately obvious.

Never share your card number and PIN or Online Banking login details with anyone, and don’t keep these details written down at your desk, or in easily accessible files on your computer or mobile device. Your bank will never ask you for these details to reverse a transaction.

Always read Approve-it messages carefully before you accept them to make sure you’re approving a transaction you want to make. Never share your one-time password (OTP) with anyone.

Keep your passwords safe. Don’t use one username and password for all your logins and make sure that your username and password are not similar or the same. Don’t store your passwords on your device or in your browser.

If you’re a Nedbank client and someone calls you claiming to be from the bank and asking for account details, double-check by calling us directly on +27 800 110 929 to verify that the request is legitimate.

If someone calls you claiming fraudulent activity on your account and gives you partial personal information, ask to call back on the fraud number to complete the verification yourself. Never accept cellphone numbers as coming from the bank.

Your bank will never ask you to confirm or update your account login details by email, or to provide your login details in a phone call.

Be sure to secure your devices against theft, too. If your device is lost or stolen, fraudsters can use many tricks to get your personal details and access your accounts.

If your cellphone is lost or stolen:
1. call 0800 110 929 to let us know,
2. call your network service provider to suspend your service, and
3. report the incident at your nearest police station and get a case number.

Take extra precautions when using any digital devices. Secure them with passwords and don’t leaving them unattended.

Make sure you have antivirus software installed to identify and block any malicious links and update it regularly.

Avoid doing your banking on public Wi-Fi connections like internet cafés, or on any other shared computer.

You can reduce your risk further by putting sensible transaction limits on your accounts, so that even if a cybercriminal does get access, you limit your losses.

Stay vigilant and sceptical and keep up to date with the techniques that criminals are using, to give yourself a fighting chance.