The Scam Crisis Hiding Behind Dangerous Misconceptions
In 2024, Americans over 60 reported losing more than $4.8 billion to fraud, according to FBI Internet Crime Complaint Center data — a staggering 43% increase from the year before. And those are just the reported cases. The actual number is almost certainly far higher.
As a cybersecurity researcher who has spent 14 years studying digital threats, I can tell you that the most dangerous vulnerability isn’t a weak password or an outdated phone. It’s a false belief. The myths people carry about how scams work — who gets targeted, what “looks” suspicious, and what keeps you safe — are precisely what sophisticated criminals exploit.
Tech adoption among older adults is surging, and that’s genuinely wonderful. AARP’s 2025 technology survey found that 76% of adults over 50 now use smartphones daily, up from 53% in 2019. But as more older adults embrace technology, scammers are adapting their tactics at an alarming pace. The tragic 2025 case of a Bermuda Dunes elderly couple — targeted by a scammer impersonating actor Tom Selleck — ended in deaths that should never have happened.
Let me walk you through seven widely believed myths about tech scams targeting older adults, explain why each one is dangerously wrong, and give you the real information you need to protect yourself and the people you love.
Myth #1: “I’m Too Smart to Fall for a Scam”
This is the single most dangerous belief I encounter, and I hear it constantly — from retired executives, former teachers, even engineers. Intelligence has almost nothing to do with scam vulnerability. Modern fraud is engineered by organized criminal networks that use psychological manipulation techniques refined over millions of attempts.
What I see most often is that scammers don’t target stupidity. They target emotion. Loneliness, fear, urgency, excitement — these bypass critical thinking regardless of your IQ. The FBI’s data shows that the highest individual losses in 2024 came from well-educated, financially comfortable adults over 60.
Romance scams, tech support fraud, and investment schemes are designed to build trust slowly over weeks or months. By the time the “ask” comes, victims have been carefully groomed to comply. Believing you’re immune actually makes you more vulnerable because you’re less likely to pause and verify.
The Truth
Anyone can be scammed under the right emotional conditions. The best defense isn’t intelligence — it’s a habit of verification. If someone contacts you and asks for money, personal information, or remote access to your device, stop and verify independently, no matter how legitimate they seem.
Myth #2: “Scammers Only Use Email and Phone Calls”
Many older adults have learned to be wary of suspicious emails and robocalls. That’s excellent — but it creates a blind spot. In my research, I’ve tracked a dramatic shift in scam delivery methods since 2023. Criminals now reach victims through text messages (smishing), social media direct messages, messaging apps like WhatsApp and Telegram, fake online ads, and even QR codes posted in public places.
The FTC reported in early 2025 that social media was the most profitable contact method for fraud, with losses exceeding $2.7 billion across all age groups in the prior year. Scammers create convincing fake profiles, run fraudulent ads on Facebook and Instagram, and send direct messages that appear to come from friends whose accounts have been compromised.
- Text message scams now mimic delivery notifications, bank alerts, and Medicare messages with alarming precision
- Social media scams include fake investment opportunities, counterfeit product stores, and impersonation of public figures
- QR code scams place fraudulent codes over legitimate ones at parking meters, restaurant menus, and community bulletin boards
- AI voice cloning allows criminals to mimic a grandchild’s or family member’s voice using just a few seconds of audio scraped from social media
The Truth
Every digital communication channel is a potential scam vector. The platform doesn’t determine legitimacy — the request does. If any message on any platform asks you to send money, click an unfamiliar link, or share personal information urgently, treat it as suspicious regardless of where it appeared.
Myth #3: “My Phone and Computer Are Secure Enough as They Are”
I often tell my clients that buying a smartphone or computer is like buying a car — it needs regular maintenance to stay safe. Yet a surprising number of people set up their device once and never update their security settings again. In a 2024 Consumer Reports survey, 38% of adults over 55 said they either delay software updates or skip them entirely.
This is a serious problem. Software updates aren’t just about new features. The majority of updates patch known security vulnerabilities that hackers are actively exploiting. When you dismiss that update notification for the third time this week, you’re leaving a documented, published hole in your defenses.
The Truth
Turn on automatic updates for your phone’s operating system, your apps, and your computer. If you’re using a device that no longer receives security updates — typically smartphones older than four to five years — it’s time to replace it. This is a genuine security risk, not a sales gimmick. If you’re exploring age-tech devices to help you stay independent at home, make sure those are also kept current with firmware updates.
Myth #4: “If a Website Looks Professional, It’s Legitimate”
Fifteen years ago, scam websites were often riddled with typos, broken images, and crude layouts. That era is over. In 2025, criminals use AI-powered website builders and stolen brand assets to create pixel-perfect replicas of banks, government agencies, retailers, and healthcare providers in minutes.
I’ve examined fraudulent sites during my research that were virtually indistinguishable from the real thing — right down to matching fonts, logos, and customer service chat widgets. Some even had valid HTTPS certificates (the little padlock icon in your browser), which many people were taught to trust as proof of legitimacy.
The Truth
Visual appearance tells you almost nothing about a website’s legitimacy. Instead, focus on how you arrived there. Did you type the address yourself or click a link from an email or text? Always navigate directly to websites by typing the URL or using a trusted bookmark. Check that the domain name matches exactly — scammers use tricks like “bankofamer1ca.com” or “irs-gov-refund.com” that look plausible at a glance.
The Cybersecurity and Infrastructure Security Agency (CISA) maintains excellent free resources on identifying fraudulent websites, and I recommend bookmarking their consumer guidance page.
Myth #5: “A Strong Password Is All the Protection I Need”
Strong passwords matter — don’t get me wrong. But the belief that a good password is sufficient protection is outdated by about a decade. Massive data breaches have dumped billions of username-and-password combinations onto the dark web. If you’ve reused a password across multiple sites (and roughly 65% of Americans have, according to a 2024 Google/Harris Poll survey), a breach at one service can compromise all your accounts.
Here’s what actually provides robust protection in 2025 and 2026:
- Two-factor authentication (2FA): This requires a second verification step — usually a code sent to your phone or generated by an app — when you log in. Even if a criminal has your password, they can’t get in without that second factor.
- A password manager: Apps like 1Password, Bitwarden, or the built-in managers in iPhones and Android phones create and store unique, complex passwords for every account so you don’t have to remember them.
- Passkeys: This newer technology, supported by Apple, Google, and Microsoft, replaces passwords entirely with biometric verification. It’s the most secure consumer option available right now.
The Truth
Enable two-factor authentication on every account that offers it — especially email, banking, and social media. Your email account is particularly critical because it’s usually the gateway to resetting every other password you have. If a scammer gets into your email, they can systematically take over your entire digital life. I consider 2FA non-negotiable, and if you’re concerned about how financial scams could accelerate the depletion of your retirement savings, this single step could save you from catastrophic loss.
Myth #6: “The Government or My Bank Will Warn Me Before Something Bad Happens”
Many people assume that their bank’s fraud department or a government agency will proactively contact them about security threats. While banks do have fraud monitoring systems, they have significant limitations. And here’s the critical part: the government will never contact you by phone, email, or text to demand immediate payment, threaten arrest, or ask for your Social Security number.
Yet “government impersonation” was the number one fraud category reported to the FTC in 2024. Scammers pose as the IRS, Social Security Administration, Medicare, or law enforcement. They create convincing urgency — “Your Social Security number has been compromised,” “You owe back taxes and a warrant has been issued” — designed to trigger panic and bypass your rational thinking.
The Truth
No legitimate government agency will ever contact you demanding immediate payment by gift cards, wire transfer, or cryptocurrency. No real bank employee will ask you to share your full password or move money to a “safe account.” If you receive such a call, hang up. Then contact the agency or bank directly using the phone number on their official website or your statement — never the number the caller provides.
Write this rule on a sticky note and put it by your phone if you need to: “If it’s urgent and unexpected, verify before you act.”
Myth #7: “If I Get Scammed, There’s Nothing I Can Do”
Shame and embarrassment keep an estimated 75% or more of scam victims from ever reporting the crime, according to AARP research. Many believe reporting is pointless — that the money is gone and nothing will come of it. While recovery is difficult, staying silent actually helps the criminals.
In my 14 years of experience studying these criminal networks, I’ve seen that reporting creates the data trails that law enforcement uses to identify patterns, shut down operations, and occasionally recover funds. The FBI’s Recovery Asset Team, for example, successfully froze or recovered over $500 million in 2023 alone by acting quickly on reported wire transfer fraud.
What to Do If You’ve Been Targeted
- Contact your bank immediately if you’ve sent money or shared financial information — speed matters enormously for potential recovery
- Report to the FTC at ReportFraud.ftc.gov
- File with the FBI’s IC3 at ic3.gov, especially for internet-based fraud
- Alert your state Attorney General’s office — many have dedicated elder fraud units
- Tell someone you trust — a family member, friend, or your local Area Agency on Aging can help you navigate next steps
The Truth
There is no shame in being targeted by professional criminals. Reporting is a powerful act that protects others. And in some cases — particularly with wire transfers reported within 48 to 72 hours — funds can be partially or fully recovered.
Building Real Digital Confidence
Here’s something I want to be direct about: the goal of this article isn’t to make you afraid of technology. The benefits of staying digitally connected are enormous — from telehealth access to social connection to the practical tools that help people age in place more safely and affordably. Tech adoption among older adults is growing because the technology genuinely improves quality of life.
But confidence and caution aren’t opposites. The most confident technology users I’ve worked with are the ones who understand the real risks — not exaggerated fears, not dismissive myths — and have simple, consistent habits in place to manage them.
Those habits don’t require technical expertise. They require awareness:
- Verify before you trust any unexpected contact, regardless of the channel
- Update your devices and enable two-factor authentication
- Navigate to websites directly rather than clicking links in messages
- Talk openly with family and friends about scam attempts you’ve encountered
- Report fraud quickly — even if you’re not sure it was “real enough” to count
The scammers are counting on your silence, your shame, and your outdated assumptions. The most powerful thing you can do is replace myths with facts — and share what you learn with someone else who might be vulnerable. That ripple effect is how we actually fight back.
About Dr. Priya Sharma, PhD in Computer Science, CISSP
Dr. Priya Sharma is a cybersecurity expert with a PhD in Computer Science and a Certified Information Systems Security Professional (CISSP) credential. She has spent 14 years researching digital privacy, online fraud, and data protection — with a particular focus on the risks facing older internet users. At Daily Trends Now, Dr. Sharma writes about online scams, password security, smartphone privacy, and the practical steps readers can take to stay safe in an increasingly connected world.
