Retirees are under constant attack from cybercriminals, who have developed a variety of ways to fleece retirees of their hard-earned money.
When people hear about “cybercriminals” and “online scams,” they probably think of some of the outdated “Nigerian prince” scams, where someone from “royalty” contacts you with an investment scheme and requests your bank account information. Believe it or not, these schemes still rake in around $700,000 per year.¹
But cybercriminals are much more sophisticated these days, and over the years their methods have advanced beyond obvious fraudulent emails to a variety of very effective scams designed to be much more convincing and easier to fall for.
As financial advisors who are responsible for looking after our clients’ assets, we are on the frontlines looking out for a lot of these different schemes. We’ve seen a lot of the most common schemes firsthand. Some of these scammers are so good at what they do, that it is almost impressive. These scams are easy for anyone to fall for, let alone the typical retiree who didn’t grow up with the internet, and tend to be more trusting than younger generations.
That is my way of saying, if you have fallen for one of these schemes, it is not your fault and do not feel bad. You don’t need to be embarrassed, you are not unintelligent or gullible – scammers are just that talented. Remember, they do this for a living.
When cyber-criminals take your money, it is usually gone for good. There is little you can do after the fact, so preventing these type of things from happening in the first place is key. We feel it is vitally important to warn our clients about some of the most common scams, and the best ways to avoid falling prey to them.
Though most people know to look out for an email from a Nigerian prince, your email inbox is still a prime target for scammers trying to trick you.
In these cases, scammers send you an email, often asking you to take some sort of action, download a file, update or verify your information, or simply to respond to the email. In most cases, they look completely authentic and convince you they are from legitimate companies like Amazon.com or even the IRS!
The email may have subtle red flags, if you look for them, like an email address that is just a little off - using our Amazon.com example the email may be from email@example.com. Notice the “0” instead of the “o” at the end of amazon? It would be very easy to miss. Or firstname.lastname@example.org where the “m” in America, is actually an “r” and an “n” put together.
These scam emails are so common I thought I would just dig through my inbox for an example. It did not take long. Here is an example of an email I got from “Kroger” a couple of days ago.
This email could be easy to fall for because I shop at Kroger, it includes their real logo, and the email was from “Kroger Customer Appreciation.”
A closer look, however, reveals a couple red flags. When I actually clicked the contact info of the sender, I found the actual email address was email@example.com - ok it wasn’t that exactly, but it was similar and definitely not Kroger. A quick internet search showed the address listed in the email is in no way affiliated with Kroger as well.
If you get a suspicious email from a person, especially if it just comes out of the blue, call that person to verify it was them before taking any action. Do not respond to the email or try to email them separately, because their email account may have been the one that was hacked.
If the email is from an organization, make sure to google their support number to call, do not call any number in the email, as it would be fake and designed to further trick you.
This is especially important if the email is asking for your information or asking you to download a file. Files can be infected with malicious programs, but generally require you opening or downloading the file to be effective.
Even when an email appears to occur as part of a conversation you are having with an actual person, it may not be safe. Hackers are so good they will literally monitor email conversations and swoop in with a fake email when a person is most vulnerable i.e. when being asked for personal or financial information.
They will send fake emails from organizations when you would expect to receive them - for example a fake email from “Amazon.com” about Prime Day, when a person would be most likely to fall for the scammed email.
Moral of the story, you must ALWAYS BE ON YOUR GUARD, especially when you are exchanging sensitive information.
One of the favorite tactics of hackers is to take over your computer or lock you out of important accounts, and hold them for ransom until you pay to get them unlocked.
This can happen by opening an infected email, but you also put yourself at risk using public/unsecured Wi-Fi networks. Public networks are generally less secure and make it easier for hackers to get into your personal computer (or phone), or see the data you are transmitting, which could include account passwords and other sensitive personal information.
It is generally a good idea to avoid all public Wi-Fi networks altogether, that means coffee shops, airports, restaurants, and any other networks you aren’t sure are secure. If you do have to use them, or decide to take the risk, avoid signing in to important accounts or filling out anything that requires sensitive personal information a cyber criminal could find useful.
It is also a good idea not to use the same password for multiple accounts, as a hacker getting hold of the password for one account, could allow them to use it to log in to other accounts.
One of the unfortunate realities of the internet is that you never really know who you are talking to. It is very easy for an online scammer to pretend to be someone else, establish a relationship and earn your trust, with the ultimate goal of taking your money.
This is particularly problematic for single retirees and widows/widowers who may be seeking a sense of companionship or romance. Their emotions and human instincts can blind them to red flags about the intentions of the person on the other end of the chat, online dating site, dating app, etc.
The huge red flag in this case is if the person asks you for any amount of money. They will have a convincing story, whether it be a financial difficulty they need help with, or some special business to invest in. Under no circumstances should you send money to someone you have never met in person, even if you have talked to them over the phone, or have actually “seen” them on FaceTime, Skype, etc.
Even if the scammer isn’t able to get any money from you right away, or you have no money to give, they will shift their focus to get you to incur debt. They may ask you to send cash advances from your credit card, or attempt to get you to take out a mortgage or home equity line of credit, all under the false pretenses that they will repay it. There is virtually no end to their attacks.
But because the scammers build such a solid, emotional relationship, albeit an entirely fictitious one, it is easy for a person to be drawn in and really want to help. For victims, the relationship is entirely real, just the same as a relationship with a friend or family member. That is also why this one is particularly tough for victims when it happens, because it usually takes an emotional toll as well as a financial one.
One of the most common ways scammers prey on your good nature is by convincing you a family member or loved one is in trouble and needs help.
The most common seems to be to convince grandparents that their grandchild is in some form of trouble, whether it be in the hospital or in jail, and in need of a lump sum of cash quickly.
The scammers may even pose as your grandchild, personally asking for money to help with school expenses, rent, a car, or anything else you can think of.
They often have a reason you should not tell their parents, and thereby tip the family off to the scam, which is why it works so well. However, if you know about these type of schemes in advance, this can be your first red flag.
Another very common red flag in this type of scheme is that the scammer may ask for payment in the form of gift cards, or some other form of payment. I have actually heard of a case of a Best Buy cashier saving a grandparent from purchasing hundreds of dollars in Best Buy gift cards, as a form of payment to a scammer posing as their grandchild.
Another scam we are starting to see pop up is a fake inheritance from a distant relative. It is entirely believable that a retiree would have an older relative that they had forgotten about, or didn’t know about in the first place, which is what makes this a good target for scammers. The scammers pose as someone handling the estate of the “distant relative” that passed away, and there is often nobody they can ask to verify if this long-lost relative existed.
This scam works because the scammer says that the (large) inheritance will be sent after paying taxes or legal fees in advance, which should be an immediate red flag. If the scammer happens to trick you into sending money the first time, they can try to get multiple rounds of payments out of you under the false pretense that there were issues with the estate, or there was more money than originally anticipated, etc.
As a retiree or someone preparing for retirement, you have spent a lifetime accumulating the savings you will need to live on throughout your retirement. But that wealth you have accumulated makes you a target for cyber-criminals, who will constantly try to develop new ways to steal your hard-earned money.
There is no perfect solution to this problem, especially once you are already a victim, so the best tactic is to stay informed on some of the most common scams facing retirees and always be on the lookout for them.
If something seems suspicious, your gut instinct is probably right. Don’t be afraid to say something to someone else, even if you think that means potentially embarrassing yourself or someone you love. Many scams work because the scammers count on you not speaking with others, so this can be your first line of defense.
Moral of the story, it is the wild west out there. Stay informed and protect yourself as much as possible by constantly looking out for cybercriminals and their schemes.
And for our clients, if something seems off, talk to us immediately.