Helping Protect Seniors from Fraud & Identity Theft
Fraud & Identity Theft
Senior citizens’ savings and good credit may make them more attractive to fraudsters
Shame or embarrassment may prevent seniors from reporting fraud
Educate the seniors in your life of the risks and steps they can take to help prevent fraud
While identity theft and fraud can strike people of all ages, senior citizens may be particularly vulnerable, for several reasons. They’re more likely to have more savings and good credit scores, which makes seniors attractive targets, according to the FBI. In addition, says the FBI, they “were generally raised to be polite and trusting. Con artists exploit these traits, knowing that it is difficult or impossible for these individuals to say ‘no,’ or just hang up the telephone.”
Senior citizens may also be less likely to report fraud because they don’t know who to report it to, are ashamed, or may be afraid, the FBI says. For instance, a fraud victim may worry that if family members discover the fraud, they may believe the victim is no longer able to manage his or her own finances.
Among consumers in their 20s, 43 percent who reported fraud in 2018 said they lost money, compared to 15 percent of those over age 70, according to the Federal Trade Commission. However, consumers in their 70s reported losing more money to fraud – a median of $750 per victim, compared to $400 for people in their 20s.
“The people involved are vulnerable, and because of their stage in life, they don’t have the opportunity frequently to recover,” Attorney General William Barr said in March 2019. “And so these losses are devastating to them.”
Are the seniors in your life aware of fraud and identity theft risks? According to the National Council on Aging, here are some common frauds and scams that may target senior citizens:
Medicare/health insurance fraud
In these types of scams, a fraudster may contact a consumer and claim to be a Medicare representative in order to get victims’ personal information. They may also provide bogus services at makeshift clinics for senior citizens, then use their personal information to bill Medicare.
What you can do: If they receive a phone call, email, or letter from someone claiming to be from Medicare, encourage seniors to contact Medicare directly to verify its legitimacy. Medicare encourages senior citizens to record dates they receive health care services, keep receipts and statements, and carefully monitor claims. The agency also encourages seniors not to allow anyone but their doctors to review their records or recommend services, and to be wary of providers who say a service isn’t covered but they “know how to bill Medicare.”
Scammers may use fake telemarketing calls to get money or personal information from senior citizens. These may include offering a prize or money in exchange for a “good faith” payment; telling the senior citizen they must wire or send money because a relative is in this hospital; or posing as a fake charity soliciting donations. In a “grandparent scam,” a caller will pretend to be a grandchild needing money for an emergency, while other callers may claim to be from the Internal Revenue Service or the Social Security Administration.
What you can do?: Educate the seniors in your life about these scams and let them know it’s best to never provide personal information over the phone. If they are concerned a caller is actually a relative in need, encourage them to contact the person first to verify before giving any information or sending money – and not to be persuaded by aggressive tactics. They can tell solicitors that they don’t buy from anyone who visits or calls them unannounced and ask for information in writing. Show them how to research charities using online services such as Charity Navigator or the Better Business Bureau before donating. Lastly, let them know the IRS and the Social Security Administration will never contact people by telephone unless the person initiates the contact.
Online and Email Scams
Scammers may use pop-up browser windows to warn of a virus or tout virus-scanning software, prompting victims to buy and download a fake anti-virus program – or even an actual virus that may open the information on their computer to scammers. Also, phishing emails may appear to be from a legitimate company or financial institution, asking them to log in to their account. Or an email may claim to be from the IRS regarding a tax refund.
What you can do: Explain the risks of pop-up windows warning of a “virus” or other computer issue, and help them install and update reputable anti-virus protection on their computers. Teach them how to recognize phishing emails – for instance, they can hover over the sender’s address to see if it matches that of the company. Encourage them not to log in to their accounts from an email link, but go to the company or financial institution’s web site directly or contact them to verify a communication is legitimate.
If a senior citizen you know has been scammed, encourage them to report it and not to be afraid or embarrassed – everyone is at risk for fraud and identity theft.
Identity Theft: What it is, What to Do
It may be helpful to familiarize yourself with the warning signs of potential identity theft
If you believe your information has been stolen and used fraudulently, there are some steps you can take
Consider placing a fraud alert or security freeze on your credit reports - both are free
Identity theft occurs when someone gets or steals your personal information. The information can then be used to open credit accounts in your name or receive benefits, such as employment, insurance or housing. Identity theft may impact your credit reports and credit scores.
Signs of Identity Theft
Signs of identity theft might include:
Receiving bills for items you did not buy, accounts you don’t recognize, or medical services you did not use
Charges on your credit card or bank statements you don’t believe are yours
Notification that an unfamiliar account has been turned over to a collections agency, or receiving calls from debt collectors about a debt that isn’t yours
Unexplained withdrawals from your bank account
You stop receiving bills or other mail
Notification that more than one tax return was filed in your name
Denial of credit because of the fraudster’s actions
Identity Theft Victim? Steps to Take
If you believe your information may have been stolen and used fraudulently, it can be hard to know what to do and where to report it. So, here are a few things to consider if you believe you're a victim of identity theft:
Contact the company or companies where you believe the fraud occurred, and let them know you believe your identity may have been compromised.
Check your credit reports. Request copies of your credit report from all three nationwide credit bureaus – Equifax, Experian and TransUnion -- and keep an eye out for any information that’s inaccurate or incomplete, or unfamiliar accounts and addresses. You can get a free copy of your credit report at each nationwide credit bureau once every 12 months from www.annualcreditreport.com. You can also create a myEquifax account and get six free Equifax credit reports each year. In addition, you can click "Get my free credit score" on your myEquifax dashboard and enroll in Equifax Core Credit™ for a free monthly Equifax credit report and a free monthly VantageScore® 3.0 credit score, based on Equifax data. A VantageScore is one of many types of credit scores.
Consider placing an initial one-year fraud alert on your credit reports. Fraud alerts serve as a “red flag” to those who pull your credit reports that you may be a victim of identity theft. They encourage companies to take additional steps to verify your identity before granting credit in your name. Fraud alerts are free, and you only need to contact one of the three nationwide credit bureaus to have a fraud alert placed on your credit reports -- that bureau will contact the other two. You can create a myEquifax™ account online to place a fraud alert on your Equifax credit report. You can also download this form for instructions on mailing your request or call Equifax at (888) 836-6351.
Consider freezing or locking your credit reports. A lock and a security freeze have the same impact on your credit reports, but they aren’t the same thing. Both generally restrict certain access to your credit reports. Unless you temporarily lift or permanently remove a security freeze, or unlock your credit reports, they can’t be accessed to open new accounts - with certain exceptions. Find out more information about security freezes and credit report locks.
Submit an identity theft report with the Federal Trade Commission online at www.identitytheft.gov. By reporting your theft online, you can receive an identity theft report and a recovery plan. If you create an account on the website, you can update your plan, track progress and receive form letters to send to creditors.
File a police report with your local law enforcement agency. A police report provides you with a document saying you’ve been a victim, which can be helpful – when requesting a 7-year extended fraud alert on your credit reports, for instance. This type of fraud alert requires a police or FTC Identity Theft Report. To request an extended fraud alert on your Equifax credit report, download this form for instructions.
Report certain types of identity theft to specific agencies. For instance, you can contact your health insurance company’s fraud department or the Medicaid fraud office to report medical identity theft, when someone gets medical care or medications in your name, or report tax identity theft to the Internal Revenue Service and your state’s department of taxation or revenue. You might also consider notifying your state Attorney General or consumer protection department, as they may have resources to assist you.
Monitor your accounts for any suspicious activity, including changes and charges you don’t recognize.
The FTC advises you to keep a record of the calls you make and the people you speak to, and keep copies of any letters you send or receive. It’s also a good idea to keep a written record of other actions you take, such as closing accounts or disputing charges.
What Does Being a Victim of Identity Theft Mean for Me?
Could it hurt my credit scores?
Unfortunately, being a victim of identity theft means your credit scores may be negatively impacted. Thieves could open new lines of credit or credit cards in your name -- and fail to pay the bills. As debt accumulates and payments are missed, your scores may be negatively affected, because of the payment history associated with the accounts or the increase in your credit utilization. Learn more about what actions can affect credit scores.
After you report the fraud, you can work with collection agencies and banks to get any fraudulent collection accounts, late payments and balances removed from your credit reports. You can also file a dispute with the three nationwide credit bureaus. Visit our dispute page to learn how to file a dispute with Equifax.
Am I on the hook for the money?
Per the Fair Credit Billing Act, most credit card companies have protections for those affected by identity theft, like zero-liability policies. The law also sets the maximum liability for unauthorized charges at $50.
Fraudulent ATM, debit cards and electronic transfers are protected under the Electronic Transfer Fund Act. However, it's important to act fast to avoid charges. If you report your debit or ATM card as lost or stolen before anyone uses it, you're off the hook for any fraudulent charges. Otherwise, if you report your card as lost or stolen within two days of learning of the loss or theft, your maximum liability for any unauthorized charges will be $50. If you report the card as lost or stolen between two days after learning of the loss or theft, but less than 60 days after your statement is sent to you, your liability is $500. If you report a card lost or stolen more than 60 days after your statement is sent to you, your liability is unlimited.
If you are a victim of identity theft, consider keeping a security freeze or fraud alert on your credit reports while you work to undo any damage. Being vigilant against signs of identity theft and catching the theft or fraud early can help keep the damages to a minimum.
Cybersecurity Awareness: Your Checkup Checklist
There are steps you can take that may help reduce your chances of becoming an identity theft victim
Ensure your computer and mobile devices are password-protected
Consider enabling two-factor authentication for apps and websites if it's available
It can seem harder than ever to keep up with – and stay ahead of – the threats posed by hackers and fraudsters online, particularly as their tactics keep changing.
While it may not be possible to make your information and data completely hack- or theft-proof, protecting it as best you can may make you a less likely target. It's a perfect time to dedicate a few hours to your personal cybersecurity.
Here is a checklist you can use to conduct your own cybersecurity checkup:
1. Is your computer up to date? Whether you use a desktop, a laptop or both, make sure your browser, operating system and software is updated, so you can receive any patches or security updates released. This can help protect you against malware.
What’s malware? It’s short for “malicious software” and there are a number of types. Some common types include computer viruses, spyware that “spies” on your online, and ransomware that can lock down your computer and files, threatening to erase everything unless you pay a ransom.
While you’re at it, do you have an antivirus program installed? Is it updated to help protect against the latest threats? When is the last time you scanned your computer? And do you back it up regularly? Is your computer password-protected?
If you’re shopping or banking online, look for the https:// that designates a site encrypts data during transmission, or look for a padlock symbol showing the page is secure.
2. Is your mobile device secure? Ensure your phone is protected by a passcode, or that you use a fingerprint or facial recognition to unlock it. If your phone is set up to connect to any available public WiFi network, turn this feature off to avoid connecting to any unsecure networks that may put your personal information at risk. If you frequently must use public WiFi, consider using a Virtual Private Network (VPN).
And if you’re charging your mobile device in a public place, don’t plug your phone’s USB cable into unfamiliar ports; use your own port and cable and plug it into a power outlet. If a port or cable is hacked or compromised, the data on your phone could be stolen.
3. Are you suspicious of unsolicited emails or texts? It can be hard to recognize phishing emails or text messages. A best practice is to avoid clicking on links or attachments in emails you aren’t sure about. If the sender is someone you know, verify with them that the email is legitimate before clicking on it – their account could have been hacked. Don’t send any personal information over email or text.
4. Let’s talk passwords. It’s hard to keep up with passwords on multiple web sites. That’s why it’s common for people to reuse or repeat usernames or passwords. But it’s risky – if one of your accounts is compromised, others using those credentials could also be accessed. Consider using a password manager that creates unique passwords and stores them securely. You also may want to think about enabling two-factor authentication when possible. This adds an extra layer of security and requires you to take an extra step (such as entering a code texted to you) in order to log in.
5. Are your social media habits putting you at risk for identity theft? Check the privacy settings on your social media accounts to make sure you’re comfortable with them. You can also set up login notifications that will let you know if someone else logs into your accounts. Be cautious about what you share and who can see it; your publicly available information could be used to find answers to security questions or learn your routines and location.
6. What about your apps? Check the privacy permissions on your apps and only grant those that are needed. Apps that can access your photos, location, camera and contacts, for instance, can allow the app owner to access your information. Only download apps from the Apple App Store® or Google Play™ and avoid those from third-party app stores. Also avoid apps that pop up and ask you to download them, as they could contain malware.
Cybersecurity awareness may seem unnecessary, but the time you put in may help protect you from hackers and fraudsters, who can create a mess that may take much more time to unravel.
Information from Equifax.com/personal/education/identity-theft/