This chilling scene from The Beekeeper is a dramatic yet realistic example of a type of phishing scam directed at seniors: Eloise, a retired schoolteacher, is on her computer looking over charity accounts that she manages when a virus warning pops up. She calls the provided number, which unknowingly to her connects to a call center operated by a phishing scam operation.
The call center rep portrays a support desk tech and during his conversation with Eloise, he lies about the source of the virus warning. She falls into his trap by installing fake antivirus software, which links to all the charity accounts. The connected malware drains over $2 million from the charities Eloise runs. She realizes too late what has happened and is left in despair.
Among the fastest-growing cybercrimes targeting seniors today are phishing or “smishing” scams. In phishing/smishing scams, criminals send fake messages to trick seniors into giving away personal information, such as passwords, credit card numbers, or even one-time passwords (OTP) for account verification.
Why are seniors often preferred targets for these scams, and how can they stay protected? Here’s a comprehensive guide to help you and your loved ones stay safe from smishing.
Why Are Seniors a Preferred Target for Phishing/Smishing Scams?
Seniors are often targeted by scammers for several reasons:
Less Familiarity with Technology: Many seniors aren’t as familiar with new digital threats, making them more vulnerable to smishing and phishing techniques.
Trusting Nature: Scammers exploit the trusting nature of seniors, knowing that they may be more likely to believe the legitimacy of a message.
Isolation: Scammers often prey on seniors who may be isolated or lonely, making them more willing to respond to messages, even from unknown numbers.
Financial Independence: Many seniors control their own finances or have access to retirement funds, which makes them valuable targets.
Keep reading for more about the different types of phishing and smishing scams and how to recognize and avoid them.
Common Types of Phishing and Smishing Scams
-
One-Time Password (OTP) Scam
One-time passwords (OTPs) are security codes sent to your phone to verify your identity when logging into accounts or making transactions. Scammers try to trick seniors into giving up these codes, allowing them to take control of their accounts.
Example – “Your Venmo account login is suspicious. Please verify your identity by providing the OTP sent to your phone.”
In this case, the scammer is pretending to be a trusted company and trying to get the OTP that was sent to you for your own security. Never share your OTP with anyone, especially through text messages or phone calls. If you receive an unexpected OTP request, it’s a red flag that someone may be trying to access your account.
-
Bank Account and Credit Card Scams
These messages often warn of suspicious activity on your bank account or credit card and ask you to take immediate action by clicking a link or providing your details.
Example – “Your account at Bank of America has been temporarily locked due to unusual activity. Click here to unlock your account: www.fakebanklogin.com.”
Banks will never ask you to verify your account through a text link. Always contact your bank directly using the phone number from your card or statement if you suspect an issue.
-
Delivery Scams
Scammers will send messages claiming that you have a package waiting for delivery, but they need additional information to process it.
Example – “UPS: We tried to deliver your package but need additional information. Please provide it here: www.fakedelivery.com.”
These messages are often designed to capture your personal information or steal credit card details. Always check with the delivery service directly through their official app or website.
-
Fake Tech Support Scams
Scammers impersonate tech support from well-known companies, claiming that your device has been compromised.
Example: – “Microsoft: Your device has been infected with malware. Click here to install antivirus software immediately.”
Legitimate tech support will never contact you this way. These scams aim to trick you into downloading malicious software that can steal personal data.
-
Government or Tax Scams
Scammers impersonate government agencies like the IRS, warning about unpaid taxes or offering refunds in an attempt to steal personal information.
Example – “IRS: You have an overdue payment of $1,500. Please pay immediately to avoid legal action.”
Government agencies will never ask for personal information or payments via text. Contact the agency directly if you’re ever unsure.
How to Report a Phishing/Smishing Scam
If you or a loved one encounters a suspicious text message, it’s important to report it to help stop the scammer from targeting others.
Here’s what you can do:
-
Forward the Scam Text
In the U.S., you can forward scam texts to 7726 (SPAM). This service is provided by most major mobile carriers, and they will investigate suspicious messages.
-
Report Scam to the FTC (Federal Trade Commission)
You can report smishing and other frauds to the FTC by visiting their website at ftc.gov/complaint. Reporting these scams can help law enforcement track and shut down fraud rings.
-
Report Scam to the Company Being Impersonated
If the scam text appears to be from a well-known company (like Amazon, your bank, or the IRS), you can report it directly to their fraud department.
-
Block and Delete the Number from Suspicious Message
If you receive a suspicious message, block the sender immediately and delete the text. Never engage with the message, as scammers can collect information based on your replies.
Tips for Seniors to Protect Yourself from Smishing Scams
-
Be Skeptical of Urgent Requests
Smishing messages often create a sense of urgency, pressuring you to act quickly. Don’t let the panic take over—slow down and think it through.
-
Verify with the Company Directly
If a message seems to come from a known company or institution, contact them using their official phone number or website. Never use the contact information provided in the suspicious message.
-
Look for Red Flags
Common red flags include poor grammar, generic greetings, and unsolicited offers. Trust your instincts—if something feels off, it probably is.
-
Never Share Personal Information via Text
Legitimate organizations will never ask for your passwords, credit card numbers, or OTPs via text. Always keep this information private.
-
Install Security Software
There are security apps that help detect and block phishing or smishing attempts. Consider installing one to safeguard your mobile device.
-
Educate Your Loved Ones
Talk to seniors about these common scams, and make sure they feel comfortable asking for help if they receive a suspicious message. Staying connected and informed can make all the difference.
Keep Alert for New Scams Targeting Seniors
By educating yourself and your loved ones about smishing and other scams, you can reduce the risk of falling victim to these harmful schemes. Always be cautious, never share personal information through text, and report suspicious activity immediately. Remember: when in doubt, don’t click, don’t reply, and always verify.