Preventing Elder Scams: The Impact of High-Profile Data Breaches on Senior Citizens

In early 2024, one of my favourite action stars, Jason Statham, starred in The Beekeeper, a film with a poignant storyline. The plot centres on an elderly woman who, after falling victim to a scam that robbed her of a significant financial sum for which she was responsible, tragically takes her own life. Although fictional, the story resonated deeply with me when a family member shared a real-life account of her friend being deceived by scammers.

This friend, a local senior citizen, received a WhatsApp message claiming that a family member was in urgent need of money. Acting out of love and responsibility, she paid the scammers, believing she was helping a relative in distress. This incident reflects a broader issue—the vulnerability of the elderly to scams, as they are often targeted due to their trusting nature and strong inclination to support loved ones.

Although there is no conclusive evidence linking the rise in local scams directly to recent high-profile corporate data breaches, global research supports the notion that such breaches increase risks for senior citizens. Older adults are particularly vulnerable because they often have substantial savings and may lack familiarity with the nuances of cyber threats. A study by the National Opinion Research Centre at the University of Chicago revealed that 63 per cent of adults aged 50 and older have experienced some form of cyber abuse, including phishing attempts aimed at stealing money or personal information.

High-profile data breaches in Barbados and around the Caribbean have exacerbated this problem, usually exposing large datasets containing personally identifiable information (PII), such as age, phone numbers, addresses, and even sensitive healthcare data like emergency contacts. This information is a goldmine for scammers, enabling them to craft highly targeted attacks on seniors.

The 2023 FBI report underscores the alarming prevalence of elder fraud, revealing scams targeting individuals aged 60 and older resulted in over US$3.4 billion in losses—an 11 per cent increase from the previous year. Seniors accounted for half of all reported fraud cases and 66 per cent of total financial losses, with the average victim losing US$33 915. More than 101 000 seniors reported scams to the Internet Crime Complaint Centre, compared to just 18 000 victims under the age of 20.

The most common scams included tech support fraud, which impacted nearly 18 000 seniors, followed by data breaches and romance scams—often exploiting the loneliness that many seniors experience in their later years. Non-payment/non-delivery schemes and investment fraud also significantly contributed to the financial and emotional toll on this vulnerable demographic. This impact is further exacerbated by the fact that most seniors, due to their age, are unable to re-enter the workforce or generate additional income to recover from such devastating losses.

Additionally, senior citizens are often prime targets for fraud and cyberattacks due to their unique vulnerabilities. With significant retirement savings, home equity, and other accumulated assets, they present an attractive opportunity for financial exploitation. Beyond financial incentives, scammers exploit less tangible traits–such as seniors’ trusting and polite nature–which make them less likely to question authority or challenge suspicious interactions.

This vulnerability is compounded by a lack of technological literacy, leaving many older adults unable to recognise phishing emails, malicious links, or other online threats. Fraudsters also rely heavily on emotional manipulation, using tactics like “grandparent scams” or creating false emergencies to provoke panic and elicit quick compliance—just as in the case of my family member’s friend.

The statistics alone underscore the urgent need for action, but the unique vulnerabilities of seniors make this issue even more pressing. Programs designed to provide specialised education, and protective measures are critical to safeguarding older adults from the devastating financial and emotional impacts of scams and data breaches. As society becomes increasingly digitised, we must prioritise the safety of vulnerable populations, particularly seniors, to mitigate these risks effectively.

It would be easy to place blame solely on the government for the lack of comprehensive protections for senior citizens in this matter. However, the reality is that this is an “all-hands-on-deck” scenario. Stakeholders ranging from insurance agencies like the National Insurance Scheme, Guardian General, and Sagicor, which safeguard seniors’ savings, to family members who may have to support seniors if their nest eggs are stolen, all have roles to play. The government, too, bears responsibility, as it would face the additional burden of supporting those who would otherwise have been self-sufficient.

The lack of urgency around this issue is not surprising. Nationally, there seems to be little recognition of elder fraud as a critical crime. Compounding the issue is that many seniors are reluctant to report scams—fearing judgement from family members or believing that authorities will not take their complaints seriously.

To address this, a national policy should focus on empowering the Ministry of Elder Affairs and People Empowerment to advocate for the formal recognition of elder fraud as a significant issue. This should include shining a spotlight on cyber fraud targeting seniors and allocating resources to track and record such crimes. After all, as the saying goes, “What doesn’t get measured doesn’t get managed.” Furthermore, leading insurance agencies should collaborate with the ministry to mount a national awareness campaign, emphasising education and sensitisation to protect the elderly from these threats.

Steven Williams is the executive director of Sunisle Technology Solutions and the principal consultant at Data Privacy and Management Advisory Services. He is a former IT advisor to the Government’s Law Review Commission, focusing on the draft Cybercrime bill. He holds an MBA from the University of Durham and is certified as a chief information security officer by the EC Council and as a data protection officer by the Professional Evaluation and Certification Board (PECB). Steven can be reached at Mobile: 246-233-0090; Email: steven@dataprivacy.bb