Recently, there have been frequent reports of elderly people being targeted by cyber criminals. Thieves take advantage of people’s gullibility and emotional pressure to extort thousands of euros. Cybersecurity experts advise seniors to take their time when receiving suspicious emails and messages and not to be afraid to share their doubts with their loved ones – the easiest way to do this is to take a picture or simply forward the emails and messages. It is equally important to make sure that the operating systems of the devices you use are up-to-date and otherwise protected.

According to Rūta Jašinskienė, an expert in information analysis, older people are most often targeted by criminals looking to extort money.

“Fraudsters can pretend to be representatives of the State Tax Inspectorate (STI), banks or public authorities and send a link or an email asking for personal data and confirmation of e-banking access. Alternatively, an email may contain a link to a very cheap price for a simple household product, but once the money has been transferred, the purchased item never arrives,” says the NRD Cyber Security expert, listing the various scams.

Better slow than sorry

R. Jašinskienė notes that both teenagers and seniors often share the same characteristic – gullibility, which cyber criminals try to exploit.

“It is true that seniors, unlike teenagers, have more life experience and a more realistic view of the world, but it is more difficult for them to understand the rules of the virtual world,” says the cyber security specialist. According to Rūta, it is important for older people to understand that, just like in the physical world, anything can happen in the virtual world, but if you know how to react, you can reduce the risk.

First of all, it is advisable not to make hasty decisions, to take a breath and to assess the situation realistically. “If you receive a message or email asking you to act immediately, especially if you are asked to do so, don’t make a purchase, don’t transfer money, and don’t carry your passwords. Talk to loved ones or other people you trust who are more tech-savvy, forward messages or share photos – make sure you get a second opinion on the situation,” advises an NRD Cyber Security expert.

She points out that seniors or their relatives should take care to ensure that technological devices are reliable and secure.

“It is important that technology does not make older people vulnerable. Smartphone or computer operating systems must be configured to provide regular updates, blocking systems for various advertising channels that distribute scam messages, and additional protections, such as DNS protection enabled by telecom companies, must be correctly integrated,” says Rūta.

It’s hard to be aware of the potential threats

Seniors are concerned that services have moved online and that many do not have the opportunity to acquire the skills to deal with them, and find it difficult to understand the threats that lurk there because of a lack of knowledge of the mechanisms involved. For example, older people often store a lot of valuable personal information in their email accounts, which can be used for fraud if the account is taken over. Criminals who gain access to an email account can use the information they find to send false letters to children, relatives and friends asking the senior to transfer money because he or she is in trouble, or vice versa, to seniors who receive letters purporting to be from their children or friends asking for help. According to Mrs Jašinskienė, in some countries, in order to protect against large financial frauds, banks inform their children about atypical and large transactions made by elderly parents.

Advice on using password managers

Karolis Arbačiauskas, Business Product Manager at NordPass, points out that while the information literacy of older people is growing incredibly, they are not necessarily aware of the risks and solutions to cybersecurity.

“For example, seniors are the most reluctant to use drivers where passwords are encrypted and kept secure. Many people tend to think that they are of no interest to cyber criminals. This is a misconception, because each of us has data that is valuable – whether it is an email address, passwords, bank card details, a personal identification number, etc.,” says Arbačiauskas.

He identifies 3 basic rules that everyone should follow when choosing a password.

“Firstly, it is essential to create strong passwords or passphrases. A secure password consists of at least 20 characters – a combination of random numbers, letters and special characters – a passphrase. It should be a long string of random words rather than a sentence with a meaning. Secondly, it is proposed to create a unique password for each account. If criminals break into one account, the others will remain protected. Thirdly, it is not recommended to write down all logins and passwords on paper or in a notebook. It is suggested to use password managers, where you can store your passwords safely and not lose them even if you lose your device,” advises Arbačiauskas. He points out that it is also the responsibility of their children and grandchildren to explain to the elderly the dangers they may face and how to protect themselves from them.

Criminals can pretend to be acquaintances

Liudas Ališauskas, Head of the National Cyber Security Centre (NCSC), identifies phone scammers as one of the main threats to older people.

“Some people have already encountered phone scammers posing as Google employees. They usually call from a Lithuanian number, speak Russian and try to extort people’s personal data, electronic bank or e-mail logins by intimidating them in a variety of ways”, says L. Ališauskas.

The head of the NCSC points out that scammers can pretend to call even a familiar number in a person’s contact book. “If you receive a suspicious call from an acquaintance, check that you are really talking to that person. Ask questions that only they know the answers to. If in doubt, hang up and call back using a trusted contact,” advises L. Ališauskas.

If a person has suffered financially, it is advisable to contact their bank immediately, as in some cases it may still be possible to stop the transfer. The police should also be notified. If you come across a suspicious link or a fraudulent website, you can report it at www.nksc.lt under “Report an incident“.

This article is part of the SOCshare project (No. 101145843), which we are running together with Vilnius City Municipality. It aims to promote more effective sharing of information on cyber threats and how to detect them. The project is partly funded by the European Union. The views and opinions expressed are those of the authors alone and do not necessarily reflect those of the European Union or the European Cyber Security Centre of Excellence. Neither the European Union nor the European Cyber Security Centre of Excellence can be held responsible for them. This article was distributed as a press release and published in lrytas.lt and savaite.lt.