Older adults are one of the most frequently targeted groups by cybercriminals — because they are more likely to trust urgent calls, less likely to question suspicious emails, and more likely to have significant savings. The most common attacks targeting senior citizens include vishing calls impersonating banks, fake pension scheme notifications, OTP fraud, and tech support scams. Simple, consistent digital habits prevent the majority of these attacks.
Why Are Older Adults Targeted by Cybercriminals?
Cybercriminals target senior citizens for specific reasons: they often have retirement savings, are less familiar with the technical indicators of a scam, tend to be polite and responsive to callers, and are more likely to trust authority figures — which attackers exploit by posing as bank representatives, government officials, or police officers.
Financial losses from elder fraud are among the highest of any age group. A single successful pension scheme scam or health insurance scam can wipe out a lifetime of savings.
Cybersecurity Tips for Older Adults
1. Create and Use Strong Passwords
Use a password of at least 12 characters, combining uppercase letters, lowercase letters, numbers, and symbols. Never use the same password on two accounts. Never use your name, date of birth, or a family member’s name as a password — these are the first guesses an attacker makes.
If remembering multiple passwords is difficult, use a password manager app (such as Google Password Manager, available free on Android devices) to store and autofill them securely.
2. Think Before Acting on Any Urgent Request
Any message — phone call, SMS, or email — that creates urgency is almost certainly a scam. “Your bank account is blocked”, “You have won a prize”, “You face arrest unless you pay” — these are scripted lines used by fraudsters to prevent you from thinking clearly. Slow down, hang up, and call the institution directly using a number you look up yourself — not the number provided by the caller.
3. Enable Two-Factor Authentication
Enable two-factor authentication (2FA) on banking apps, email accounts, and government portals like DigiLocker. This means even if a scammer gets your password, they cannot log in without an OTP sent to your phone. The OTP should never be shared with anyone — not even someone claiming to be from your bank.
4. Protect Your Mobile Device
Set a strong PIN or fingerprint lock on your smartphone. This prevents theft victims from having their banking apps and contacts accessed. Enable “Find My Device” on Android to remotely lock or wipe a stolen phone. Learn how to block a stolen mobile phone in India if yours is lost or stolen.
5. Be Careful with Emails and Links
Never click links in emails from unknown senders. Legitimate banks, UIDAI, or the Income Tax Department will never ask you to click a link to update your details or verify your account. If you receive such an email, call the organization directly using their official website number to verify whether the email is genuine.
Before entering any website, check that the URL starts with “https://” and matches the organization’s real domain exactly.
6. Share Personal Information Carefully on Social Media
Do not share your address, phone number, or daily routine publicly on Facebook, WhatsApp, or any other social media platform. Scammers monitor social media to identify targets, their family relationships, and their financial activities. Follow our complete guide on safe social media practices.
7. Secure Your Wi-Fi Network
Change the default password on your home router to a strong unique password. Unsecured Wi-Fi networks allow attackers on the same network to intercept your internet traffic. Never conduct banking on public Wi-Fi without a VPN.
8. Do Not Trust Giveaways, Prizes, or Free Gifts
If you receive a message saying you have won a prize, a lottery, or a free vacation — it is a scam designed to extract your personal or financial information. Legitimate competitions do not ask winners to pay a fee to claim their prize. See our guide on lottery scam prevention.
9. Install Security Software
Install reputable antivirus software from a trusted source — Google Play Store or the manufacturer’s official website. Keep it updated. Run a scan if your device behaves unusually — unexpected battery drain, unfamiliar apps, or slow performance can indicate malware on your device.
10. Adjust Browser Security Settings
Set your browser (Chrome, Firefox, or Safari) security settings to “High”. Enable pop-up blocking and safe browsing features. Check website URLs for typos or incorrect domain names — scammers create fake sites with near-identical addresses (e.g., sbionline.com instead of onlinesbi.com).
11. Talk to Family and Trusted Friends
Before responding to any unusual financial request — even one that seems to come from a government official or law enforcement — consult a trusted family member first. Cybercriminals specifically ask victims not to tell anyone. That is a guaranteed sign it is a scam.
What to Do If an Older Adult Has Been Scammed
- Stay calm and do not blame the victim — these scams are sophisticated and professionally executed.
- Contact the bank immediately to freeze any affected accounts or dispute transactions.
- File a complaint at cybercrime.gov.in or call the National Cyber Crime Helpline: 1930 within 24 hours.
- For a professional investigation, contact a cyber expert in India who can trace the attackers and guide the legal process.
