Cybersecurity and Seniors

November 5, 2022

Note: This article is here to provide general information to promote awareness on cybersecurity and the risks to seniors. The information given is not guaranteed to prevent a cyberattack and we make no such statements of guarantee. While these suggestions can help, cyber threats are complicated and ever-evolving.


If it seems like there are greater cybersecurity threats and risks lately, that’s because there are, especially to seniors. Simply put, as technology increases and improves, so do opportunities for cybercriminals. It’s an important line item in a company’s expenses, adding anywhere from 5% to 20% to their IT budget. It should also be a part of your home budget as well.

Cybersecurity awareness month is in October and has been around since 2004 as declared by Congress and the President of the United States. The goal, like any awareness campaign, is to make the public aware of the threats and dangers that exist in an ever-evolving world of tech.

senior man holding credit card while on laptop highlighting online cybersecurity


The two most vulnerable age groups currently are those younger than 25, and those 75 and above. According to LexisNexis Risk Solutions, those under 25 are 84% more likely to fall prey to these threats than the next age group of 25-34 year-olds. This is despite the fact that they are the generation raised with digital technology and computers from the earliest age.

The second most vulnerable, when compared to 25–34-year-olds, is the over 75 age group who are over 25% more likely misled by a scam or become a cyberattack victim. While this is a far lower number than we might expect than those raised with digital technology, this group comprises 90% of financial losses to fraud – twice that of other age groups.

son teaching and his senior dad in front of dad's computer discussing cybersecurity


Every cyberattack has a particular tactic with a distinct goal. Usually, these goals share one commonality: to separate you from your money. They often do that by disguising themselves as something real or legitimate and are anything but.

There are a lot of them out there, too many to list in one article. What we’ll do here is list the most common and provide some tips to keep yourself, and your loved ones, safer online.


This one is easy to fall for. The goal of phishing is to disguise an email to look like it comes from someone you know, trust, or have an account with. The goal is to get you to give your sensitive information, such as passwords, and credit card numbers. Usually, there will be a link in the email for you to click on. The link may take you to a malicious site or attempt a download of malware-laden software.


This is a more elaborate phishing attack. With spoofing, this will be designed to look like it is from a credible source. It might look like it came from your bank, financial planner, insurance company, or even a close friend.

Here are some common types of spoofing:

  • Emails designed to look like they are from legitimate sources, complete with logos and branding
  • Websites that look exactly like a business or institution you trust
  • Caller IDs that appear to look like it is from a legitimate company
  • Text message spoofing that clones another person, or organization’s phone number or sender ID.

There is much more. For a more detailed list, antivirus company Malwarebytes has a more comprehensive list of spoofing types and what they mean.


This is malware, which is malicious software, that encrypts files, blocks access to data (like documents, photos, etc.), or even completely lock down a computer until a ransom is paid. Typically, ransomware infects your devices when a malicious link is clicked.

According to TrendMicro, here are some more ways ransomware can infect your devices:

  • When visiting a compromised or spoofed website
  • Attachments from email – usually spammed email
  • Fake Ads – called malvertisements

It’s considered scareware, designed to scare you into action, such as making a payment to restore access to your files and devices.

senior woman's hands on laptop keyboard getting ready to enter her cybersecurity password


The saying “an ounce of prevention is worth a pound of cure” is extremely relevant here. The best way to avoid these attacks is to prevent them. Below are some ways and suggestions to help you be on the lookout for suspicious activity.

Question everything:

For example, if you get an email, or text, that says they are from the fraud department and have detected an issue with a card ending in ****, don’t respond to that message. Don’t call the number in that message. Use the number you know from your institution and call them and verify that activity. They will let you know if they instigated an alert or not, and if so, what steps you need to take.

Look out for suspicious bank activity.

If it seems too good to be true

It probably is too good to be true. Emails, calls, text messages and the like will often present offers of “found money” or a financial prize has been won, or something along those lines. Disregard these emails and messages. As much as we’d like to believe them, they’re geared to separate you from your fortune, not add to it.

This article from the FTC, “How to Recognize and Avoid Phishing Scams” will give you some great additional information and examples of what to watch out for.


Safe and secure passwords are vital. It is far too common to use passwords that are convenient to remember. A rule of thumb, the easier it is for you to remember, the easier it is for someone to guess.

Here are some password tips:

  • Make long passwords. Long passwords, especially if they contain a mix of upper and lower-case letters, numbers, and special characters are hard to guess and decrypt.
  • Have unique passwords. Yes, this is inconvenient but necessary. Have a unique password for your different accounts. Sharing passwords across different accounts means that if the password is guessed, hackers will have access to your other accounts.
  • Use a password manager. There are many services. In this article, Forbes mentions 1Password or LastPass as solutions.
  • Two-Step verification. Also known as multifactor, two-factor authentication, or 2FA, you’ll need another step to access your account, such as a generated code sent to you via text. This extra step can help shut down access if your password is breached.

This is not an end-all list. The more detailed your password, the more unique they are, and the safer you’ll be. A password breach can still happen, but this will help to make it less likely.

Back up your data often

Always back up your data and information. If you back up often but are still faced with a ransomware attack, you can wipe your computer or other devices and perform a clean install. Implementing your backup will allow you to restore files, photos, videos, etc., and make starting over less of a hassle.

This could be simply done on an external hard drive, to the cloud, or, ideally, both. Every so often, plug your external drive in and copy new files over.
With cloud services, this can also be an automatic setting. Having a cloud backup and a hard drive backup will help ensure your files remain safe.

Keep in mind that external hard drives have a lifespan of 3-5 years. You’ll want to replace them periodically and destroy the old ones when they are no longer needed. If you’re using both cloud storage and an external hard drive, and the hard drive fails or you replace it, you can download your cloud storage onto the new drive. Redundancy in backups will help protect your precious data.

Update your software regularly

This often becomes overlooked, but vital. The more outdated software becomes, the more exploitable previous versions are. Most of the time, software updates include bug fixes and security patches. These updates help keep you protected from software breach attacks.

Antivirus software

Antivirus software nowadays also includes protocols to help you with safer browsing. There are some that help block malicious email attempts as well. It is there to eliminate threats before they happen and notify you that a threat has been detected and/or stopped.

senior man and woman holding laptop video chatting with loved ones comfortable with their cybersecurity


For anyone who uses the internet, whether it is from a smartphone, laptop, personal computer, or other device, cybersecurity should be a major concern. Our seniors are amongst the most vulnerable to cyberattacks and fraud, accounting for the majority of these financial losses.

It is important to look out for our loved ones and have conversations about online safety. Talking to our aging parents about online safety is just as important as talking to our kids. If we notice something that is unsafe, or Mom is doing something that is not secure, take action to help.

Continue to research ways to protect yourself and your loved ones. The information is always evolving as different types of attacks become known. The more knowledgeable you are, the safer you and your loved ones can be.

If you need help for your loved one, you might want to check out our Vendor Toolbox. We’re always adding recommended resource services and expertise to our list of trusted vendors.