Home / Technology / News /  Eight questions to ask your aging parents (and yourself) to keep their phones safe from hackers

Scammers have a lot of opportunities to bilk people during the holiday season. How do you make sure they aren’t tricking someone you love—particularly someone who is especially vulnerable to scams?

While swindlers will target people of all ages, older Americans have become the favored mark. Adults 60 and over lose the most money to fraud each year, and phone scams do the most financial damage, according to a Federal Trade Commission report released in October 2022.

So, it is vital to make sure your older family members know how to keep their phones safe. The best way to start is by looking in the mirror. Figure out what security steps you take—or should take—with your own phone and how you could protect yourself better, and then help your relatives tighten up their defenses. Remember, age might make some people more susceptible to these risks, but anybody can miss key security strategies. And no criminals will check your age before they hack you.

The holiday season—with its heightened spending and tension—is a prime time to think about smartphone fraud, says Mark Ostrowski, head of engineering at Check Point Software Technologies, an internet-security firm.

“Around this time, emotions run high," he adds. “And that’s exactly what scammers want. They want an emotional response because that causes you to overlook something or make a bad decision."

So how do you make sure your relatives are as safe as possible from hackers? You don’t want to be condescending. Instead, talk to them about their concerns, and yours. And during the discussion, make sure to ask them the following questions.

1. Is your phone password protected?

It may be tempting to not bother adding a lock screen to your smartphone, so you can bypass the hassle of punching in a number to get access. But having a four- or six-digit passcode is the first line of defense against hackers: If someone physically steals your phone, they won’t be able to get into the device easily without knowing your code.

Still, there are alternatives to PINs if those feel too cumbersome. Fingerprint scanning and Apple Inc.’s Face ID let you access your phone quickly without any codes, and some Android devices let you create a unique pattern on the screen that you then trace when you want to unlock the device. (Remember, though, that even if you have these types of defenses, you will still have to type in your PIN when the phone restarts.)

“You would be surprised how many seniors don’t lock their device because of the inconvenience," says Danielle Deibler, founder and chief security officer of Quad9, an online service that blocks cyber threats. “Make it so that they have to give consent for another person to get into their device."

2. Do you update your phone’s software?

Smartphone software updates often include security patches to close loopholes that are potentially accessible to hackers. Third-party apps send out these types of changes, too. Make sure your loved ones—and you—know how to update their smartphone’s operating system and apps when prompted. And show them where to find and download the updates in their settings.

“There’s always security goodies embedded inside of those updates," says Karim Toubba, chief executive of password-management service LastPass. “You would be surprised at how much value you get out of something that simple."

Also remember that apps frequently offer multifactor authentication, providing more security than websites on mobile browsers, says David Nuti, senior vice president at Nord Security, an internet-privacy company. That means to log in, you must provide at least two distinct forms of identification—such as a password and confirmation code via text—to gain access to an account. Help your loved ones set this up for banking and other apps, and be sure to do it for your own.

3. Do you have spam filters set up?

Turning on spam-protection software can prevent your loved ones from falling prey to phone scams. Apple devices running iOS 13 and later and Android phones running Android 6.0 or later can automatically silence unknown callers, and mobile providers can add another layer of protection: AT&T, T-Mobile and Verizon all offer features for detecting robocalls.

4. Do you get alerts from your bank?

Many banking apps offer text alerts for transactions when money enters or leaves an account, so you can tell immediately if you are being robbed. Ask if your family members need help navigating their mobile-banking apps to set those up.

But you shouldn’t rely solely on text messages for security. Scammers can send phishing texts posing as a bank to steal personal and financial information, for instance. So, remind your relatives to not click any text-message links that seemingly come from banks, and to not share sensitive information with someone who says they are calling or texting from a bank.

Instead, instruct them to call the number on the back of their card if they have questions. They can also run any suspicious texts or emails by you.

“Make yourself a firewall for online activity they’re unsure about," Mr. Nuti says.

5. Have you added a trusted backup contact?

Find out if your relatives have named people to help them access their online accounts if they forget their password. You don’t have to know their password, and security experts say it is often best that you don’t because shared passwords carry more security risks than private ones.

With Apple’s recovery contacts, for instance, you can help validate your parents’ or grandparents’ identities to regain access to their iPhone and iCloud accounts. When they are locked out, they can follow the steps on their devices to share on-screen instructions with a recovery contact; the contact will get a six-digit code that will unlock the device and let them reset their Apple ID password.

For Google accounts, people can add your email address as a backup recovery option. If they get locked out of their Gmail account, they can have Google send you a verification code. Give them the code, and they can reset their passwords.

6. How do you track your passwords?

Keeping up with passwords can be a challenge for people of all ages. For some, pencil-and-paper records stored somewhere safe can be the best option, but password managers can also help.

Reputable digital password managers can be simple to set up and use. Apple’s iCloud Keychain for iOS and Google’s Password Manager for Android offer free, built-in options that store your passwords and sometimes other information such as addresses and credit cards. Both work in apps and web browsers.

Third-party password managers are solid options, too, with many offering additional features such as support across multiple operating systems. You have to remember only one password—the one for the password manager itself. Then, when logging into a website, the password manager automatically fills in your credentials, similar to the Apple and Google offerings.

7. What do you want to happen to your tech when you die?

No one wants to think about their loved ones dying—let alone themselves—but it is smart for them to have a plan about what will happen to their various accounts and devices.

Apple’s Legacy Contacts gain access to photos, contacts, documents, notes and more, all of which would be inaccessible without knowing their relative’s iCloud password.

Google offers an Inactive Account Manager, which will notify designated contacts if an account hasn’t been used for a set period ranging from three to 18 months. Facebook‘s Memorialization Settings let users choose someone to look after their profile when they die. The designated custodian can’t log into that account directly but can request that it be either “memorialized" or deleted.

8. Does anything concern you?

To make sure you haven’t missed anything, it’s helpful to find out if there are concerns that your relatives have but never mentioned. After all, scammers are evasive and find new ways to deploy old tricks.

Ask your family members if they have come across any messages on social media, shopped on new websites or gotten phone calls asking for their banking information that made them feel uncomfortable.

“Find out if they’re noticing new types of offers in their emails, or anything concerning," Ms. Deibler says. “It can be a positive thing to reinforce things they’ve been skeptical about."


Recommended For You

Trending Stocks

Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout