Older Americans are prime targets for financial scams and other cyber crimes that have led to billions lost due to fraud. Can technology save them?
We urgently need your help. DAME reports the stories that need to be told, from perspectives that aren’t heard enough. In times of crisis it is even more critical that these voices are not overlooked, but COVID-19 has impacted our ability to keep publishing. Please support our mission by joining today to help us keep reporting.
“Elder fraud” is becoming a rampant problem, without enough solutions.
In 2018 alone, Americans were victims of nearly $10 billion in phone fraud and $3 billion in cyber crime. Seniors are most often the targets of these types of crimes, and the rates of abuse have quadrupled in recent years, with some victims scammed out of hundreds of thousands of dollars. One report from the Consumer Financial Protection Bureau identified $600 million in losses in 2013 compared with $1.7 billion in 2017.
Fraudsters know seniors are particularly vulnerable, and their scams are becoming more sophisticated each year—involving complex phone and Internet-based attacks, utilizing e-mail, websites, and social media, communication tools many seniors are unfamiliar with.
Scams can begin in any number of ways, but they tend to escalate at some point to a direct conversation—generally by phone or email—between the scammer and the victim. The scammer, posing as a tech support staffer, an IRS representative, or some other person in authority (government, finance, etc.) convinces the victim that s/he needs to provide information like social security numbers or bank account information—or even go out and buy gift cards for someone—sharing those numbers with the scammer. Sometimes the scammers find ways to impersonate family members and obtain bank account access that way. Other scams include fake deals on credit cards or scenarios where victims are told they won something or that they have debt and need to pay up.
Many of these scams begin with automated recordings or emails that appear to be coming from legitimate sources. In recent months, a “social security” scam took place where scammers posed as government employees from the Social Security Administration. This is similar to the recent “IRS” scam, where an official-sounding recording asks the recipient to call a number to discuss a tax problem. In the case of the scam around social security, the call tells people their social security number has been suspended. Seniors who receive that call and believe it might be true and call back, concerned about their benefits, can then be targeted as the scammer collects personal information and exploits them.
The U.S. Senate convened a Special Committee on Aging that released a paper earlier this year called the Fraud Book explaining the situation in more detail. The Treasury Inspector General for Tax Administration (TIGTA) has called the Internal Revenue Service (IRS) impersonation scam “the largest, most pervasive impersonation scam in the history of the IRS.” From this one scam alone, more than 2 million Americans have been targeted by automated voicemail and/or people impersonating IRS employees.
At one point, the TIGTA received reports of roughly 30,000 people being targeted each week. So far, Americans have lost more than $65 million from this one scam. Most of those victims have been seniors. Based on the Senate paper, “criminals generally accuse victims of owing back taxes and penalties. They then threaten retaliation, such as home foreclosure, arrest, and in some cases, deportation, if immediate payment is not made by a certified check, credit card, electronic wire transfer, prepaid debit card or gift card.”
Another problem to consider: how technology is designed. “If you can design something so most seniors don’t see what they’re clicking on, then it becomes much easier to fool then, to take advantage,” says Alan W. Silberberg, CEO of Digijaks, a cybersecurity firm focused on prevention of socially engineered attacks. So if a man searches for ‘knee arthritis,’ he could see a barrage of ads targeting him and taking advantage of his age and inexperience with technology, leading him to click on an ad that contains malicious code, stealing private data from his computer.
On top of that, many of those seniors who were brought up in a time when politeness was paramount and in families where giving the benefit of the doubt was a core value are extra vulnerable. Based on AARP research, personality traits that can make a person more susceptible to fraud include: respect of authority, people pleasing, being friendly, and loneliness.
A 2017 study by Cornell and York University researchers determined that “altered neural functioning may also predict poor financial capacity and exploitation risk in normal aging.” According to the MIT AgeLab, as adults age, our brains lose some ability to judge whether people are trustworthy. In particular, the anterior insula and posterior superior temporal cortices—regions that process social information—can, when thinned, become less able to recognize situations where they are being taken advantage of. This is particularly the case in adults over the age of 80. Combine that with natural challenges of keeping up with advancing technology, and seniors are ripe targets for fraud.
Seniors can be targeted more heavily when they’ve fallen prey to a smaller scam in the past. Once hackers know that a certain person is vulnerable, that person’s information gets added to lists and targeted again. And as scams become more sophisticated, even sharp seniors can become victims. In one case, a retired attorney received confirmation that he won $100,000 in a sweepstakes. He and his wife, an experienced IT professional, researched the company to determine whether it was legitimate. Everything looked fine, but they decided to verify with the bank that the check cleared. When they did so, they discovered that instead, the scammer had figured out a way to take $100,000 from the account. Luckily, they found it in time. The bank stopped the transfer, and the couple reported the incident to the FBI.
Seniors need security and privacy like everyone else, but due to this perfect storm of brain changes and insufficient technical understanding, they also need additional warnings to tip them off to potential risks, and they need education to protect them from these predatory scams. Risks increase significantly as seniors move past their seventies. According to the Consumer Financial Protection Bureau, one-third of all financial scam victims were over 80 years old. “It’s almost like a new digital divide—many older people weren’t trained for it in the first place,” emphasizes Silberberg.
And since hackers know seniors are vulnerable, they’re targeting seniors with every scam they can. Another common scam has been for someone to pose as a technical support employee. The fake employee calls the person targeted and claims to need access to his/her computer in order to fix a problem. Once that person provides that access, they’re at the mercy of the scammer, who can get into financial accounts and take funds out directly or blackmail victims into paying more money to “fix the problem.” In one particular case, the victim was told to buy gift cards and provide codes to the scammer by phone. She lost close to $200,000.
It’s not just about the cash either. Medical information is in huge demand. When hackers can find ways to steal that information or accompanying personal information, they can access insurance benefits and redirect them, essentially stealing benefits from seniors. So the seniors can be impersonated online and their insurance identities can be changed. Then the seniors have to work hard within a challenging system to prove they are who they say they are in order to return benefits. Many seniors aren’t equipped to understand that process, making the challenges of recovering from that data theft even more difficult.
Tech companies like Microsoft, Facebook, and Google are aware of these scams and working to combat them through content monitoring and blocking bots. Adding two-factor authentication and biometric identification has helped. Basing security entirely on passwords means those accounts will be more easily hacked. Most companies also have resources available to explain potential scams and a mechanism for reporting. Microsoft has a form specifically for reporting technical support scams and a page sharing specific phone numbers that have been reported. More than 3 million people are victims of technical support fraud each year.
Web service providers and media companies that serve ads now have systems in place to look for fake ads and scams sold as ads from fake advertisers. The scammer advertisers aren’t always caught, but a greater level of awareness now exists in companies that work with advertisers. The best tech tools that exist essentially block the scammers from using their own tools to get through the first phase of their scams — blocking calls, ads, email, bots, and the like.
Some cellular providers, like T-Mobile, AT&T, and Verizon, have services that filter calls, flagging them as potentially spam, fraud, or other types of robocalls. The next version of the iPhone operating system (iOS 13) will include a setting that automatically sends all unknown calls to voicemail, based on user data in Contacts, Mail, and Messages. Currently, smartphone apps like TrueCaller handle this task. TrueCaller has information about who is actually calling you, based on massive databases. Founded in Sweden and funded by Silicon Valley venture capital firms, TrueCaller provides advanced CallerID functionality and spam blocking. Because they crowdsource their data from 250 million users, they are able to more accurately determine which calls might be coming from scammers.
This doesn’t always solve the problem, if the calls are spoofed. Amy Nofziger, Director, Fraud Victim Support at AARP says that based on a recent AARP survey, “an overwhelming majority of U.S. adults find robocalls “annoying” (94 percent) and “disruptive” (90 percent), but few are taking action to protect themselves. To get you to pick up the call, scammers use “spoofing”: They fake the area code or the prefix that appears in your caller ID to make the call seem local and make you think someone you know is calling. More than half of U.S. adults (59 percent) surveyed said that they were very or somewhat likely to answer a call with a local area code, and almost half (44 percent) said they’d probably answer a call with an area code and prefix where family or close friends live.”
“I think we have a long way to go to try to educate people and help them be safe,” says Silberberg. “I do not believe that these larger companies are doing a good enough job to prevent the type of elder abuse that we’re seeing. And I think it’s atrocious what some of these ad companies are allowed to get away with regarding senior citizens.” Most seniors aren’t getting the training they need to prevent them from becoming victims, and we don’t have enough safeguards in place to protect them in the first place.
“It would take a fairly large effort by federal and state governments to mandate different ways of managing and controlling one’s identity online,” Silberberg explains. Some states are working on it, but many don’t have funding or task forces in place. “For many states, it’s like a Wild West.” To combat the problem, Silberberg recommends building in filters or more ways for seniors to opt out of certain websites or ad targeting. “We can take our kids off a website, but there’s nothing like that for senior citizens.”
Fortunately, the U.S. Justice Department is taking elder fraud seriously, announcing the “largest-ever national elder fraud sweep,” including both an increase in law enforcement of fraud like tech support scams and Congress is working to develop stricter laws. In late May, the Senate passed the TRACED (Telephone Robocall Abuse Criminal Enforcement and Deterrence) Act, requiring voice service providers to incorporate call authentication technologies, and the bill directs the FCC to study the problem further and gives them authority to crack down more on violations. The bill is now under consideration in the House.
Because it can be complicated to understand all of the potential ways seniors can be targeted for these types of attacks, there are many resources available. AARP has a Fraud Watch Network and a help line. USA.gov has a Scams and Frauds resource page. The FBI published a list of “Tips for Avoiding Telemarketing Fraud,” and anyone can sign up for scam alerts at FTC.gov/scams. The U.S. Senate Special Committee on Aging also has a fraud hotline people can call: 1-855-303-9470. Another common recommendation: sign up for the Do Not Call Registry at DoNotCall.gov to reduce all unwanted phone calls. All seniors should be encouraged to get help any time they are confused by calls, email, or other online communications.
Unfortunately, the onus remains mostly on individuals to stay on top of these scams. Seniors can’t always depend on Caller ID or email headers to be authentic. Not all websites block fraudulent ads. And not all seniors who need help identifying potential scammers have family members or caregivers close by who can assist them. So in those cases, they need a support system within their communities where they can share resources like those listed above, protecting each other from becoming victims. And anyone with a computer and money or insurance can be a victim.
According to Nofziger, “one of the best things to do to avoid involvement with a spoofing call is to only pick up your phone when you absolutely know who is calling you. If you are not sure, allow the call to go to voicemail. If it is important, they will leave you a message. Also, if you are using a smartphone, a suggestion would be to add all of your regular contacts to your phone. That way, anytime a friend or family member calls you, their name will appear on the screen.”
Nofziger adds: “For the loved ones in our lives who always pick up the phone without hesitation, consider placing a reminder by their phone that says, ‘Mom, remember this might be a scam. Do not give out personal or financial information; call me first.’ Anything to remind them that scammers regularly use the phone to steal from people will help.”
This is the second installment in our two-part series on how technology is serving our aging population. Read the first here: “Is HealthTech Failing Our Aging Population?”
We urgently need your help!
Covid-19 has dramatically impacted our ability to keep publishing. DAME is 100% reader funded and without additional support, we can’t keep publishing. Become a member at DAME today to help us continue reporting and shining a light on the stories that need to be told, from perspectives that aren’t heard enough. Every dollar we receive from readers goes directly into funding our journalism. Please become a member today!
(If you liked this article and just want to make a one-time donation, you can do that here)