Over the past four years, the U.S. Federal Trade Commission (FTC) has observed a more than four-fold increase in the number of older adults who have lost $10,000 or more to impersonation scams.
According to the FTC, these scams generally fall into three main categories.
In the first, a bad actor poses as a representative from a well-known organization and claims there is suspicious activity on the victim’s account. In the second, a scammer impersonates a government official and informs the individual that their personal data is tied to illicit activity such as money laundering. The third type involves a criminal pretending to be from a tech company—such as Microsoft or Apple—warning the target of a supposed security issue with their device.
Although these attacks vary in form, the underlying goal is consistent: to start a conversation that can be manipulated for financial gain.
Unfortunately, these tactics are proving highly effective. The FTC reported that combined losses for the seniors who lost over $100,000 increased eight-fold in the past four years, from $55 million to $445 million.
Mimicking Common Communications
Seniors aren’t the only ones at risk—many younger consumers have also fallen victim to criminals impersonating major companies, such as Best Buy, Amazon, and PayPal. Cybercriminals not only mimic common communications from these brands, but they also now use advanced technology that makes their scams much harder to detect.
For example, a recent phishing tactic involved bad actors sending emails that appeared to come from PayPal, complete with a legitimate-looking sender address. The emails used the platform’s actual money request feature to ask for payment. The only subtle red flag? The “to:” field contained the cybercriminal’s own email address.
“The PayPal phish-free phishing attack shows just how crafty cybercriminals have become with social engineering scams,” Suzanne Sando, Senior Fraud and Security Analyst at Javelin Strategy & Research, told PaymentsJournal. “Closely following advice given to consumers from FIs, fintechs, and other major financial industry leaders allows these scammers to circumvent the usual red flags consumers are told to look for when determining the legitimacy of a transaction request.”
“Consumers are primarily the first line of defense when it comes to scams, so when everything seemingly checks out and looks legitimate, it’s an easy decision to move forward with the transaction,” she said.
Personalized Fraud Tactics
These crafted messages are effective across the board, but especially so when criminals can personalize them. With younger users, criminals often leverage social media to reach their targets.
WhatsApp recently identified and deleted 6.8 million accounts on its platform linked to scams. These scams—which also appear on Facebook and Instagram—included fake investment opportunities and offers of cash in exchange for likes.
Since seniors tend to be less social media savvy, criminals use a different tactics. Phone calls are still the most common method for targeting older adults.
In addition to the communication method, criminals also tailor their messaging to maximize impact. Older consumers are more likely to take a caller at face value rather than question their legitimacy or hang up.
“Seniors are especially vulnerable because of the socially engineered techniques cybercriminals rely upon,” Tracy Kitten, Director of Fraud and Security at Javelin Strategy & Research told PaymentsJournal. “A sense of urgency and threatening rhetoric make victims feel as if they’ve been backed into a corner.”
“It’s a tactic that is particularly effective with seniors, especially when they fear a loved one might be in danger or that they could face some kind of penalty or fine if they don’t immediately comply with the criminal’s requests,” she said.
Keeping Criminals at Bay
The growing threat against seniors is prompting many organizations to take steps to prevent elder financial abuse.
Nacha’s Payments Innovation Alliance recently issued tools designed to help vulnerable consumers and raise awareness about elder fraud. Among them is a checklist to help banks assist seniors who may have been exposed to scams.
For its part, the FTC also issued guidance for seniors. It warned them not to move money to “protect” it or for any other reason. The FTC also advised older adults to immediately stop all conversations with unknown parties and verify that the individual is from the organization they claim to represent.
Additionally, the Federal Trade Commission recommended that seniors leverage call-blocking technology to reduce the risk of contact with criminals.
