Elder Fraud and Cyber Scams Targeting Seniors

Elder fraud and cyber scams targeting seniors represent one of the most financially damaging categories of consumer crime tracked by US federal law enforcement, with losses measured in billions of dollars annually. The FBI's Internet Crime Complaint Center (IC3) recorded losses exceeding $3.1 billion from victims aged 60 and older in 2022 alone (FBI IC3 Elder Fraud Report 2022). This page maps the regulatory structure, fraud typology, operational mechanics, and classification boundaries governing this sector — serving professionals, researchers, and service-sector navigators who require authoritative reference context. The Cyber Safety Listings section provides structured access to individual service and reporting entries organized by category.

Definition and Scope

Elder fraud encompasses any deceptive scheme in which the age, cognitive state, social isolation, or accumulated wealth of an older adult — typically defined as age 60 or older under the Elder Justice Act (42 U.S.C. § 1397j) — is exploited for financial gain. Cyber scams targeting seniors represent the digitally mediated subset of this broader category, encompassing fraud delivered or facilitated through the internet, email, telephone-over-IP, social media platforms, and mobile applications.

The regulatory and enforcement landscape involves overlapping federal and state jurisdictions:

• Federal Bureau of Investigation (FBI) — primary federal criminal investigative authority for elder fraud cases; operates the IC3 reporting infrastructure and the National Elder Fraud Hotline in coordination with the Department of Justice.
• Federal Trade Commission (FTC) — civil enforcement authority under 15 U.S.C. § 45 (Section 5); tracks elder fraud through the Consumer Sentinel Network and publishes fraud taxonomies used by state attorneys general.
• Consumer Financial Protection Bureau (CFPB) — supervises financial institutions under the Dodd-Frank Act for elder financial exploitation risks; issues guidance on suspicious activity reporting obligations.
• Adult Protective Services (APS) agencies — state-administered bodies with mandated reporting obligations for suspected elder abuse, including financial exploitation; authority derives from state elder abuse statutes that vary across all 50 states.
• Financial Crimes Enforcement Network (FinCEN) — issues advisories requiring financial institutions to file Suspicious Activity Reports (SARs) for suspected elder financial exploitation under the Bank Secrecy Act (31 U.S.C. § 5318).

The Cyber Safety Directory Purpose and Scope page provides broader context for how fraud categories are structured within this reference architecture.

How It Works

Cyber scams targeting seniors follow recognizable operational phases that distinguish them from opportunistic fraud:

1. Target identification — Perpetrators identify potential victims through data broker lists, social media profiles, obituaries, property records, or prior victim lists traded among criminal networks. Age, widowhood, and asset indicators increase targeting probability.
2. Contact and pretext establishment — Initial contact arrives via email, phone, text, or social media. The pretext establishes a plausible authority figure (government agent, bank representative, grandchild in distress, romantic partner) or a compelling urgency scenario.
3. Trust development — Extended grooming periods, particularly in romance and investment fraud, can span weeks or months. Perpetrators maintain consistent personas and exploit social isolation to reduce the likelihood of victims consulting third parties.
4. Exploitation trigger — A specific request for money, account credentials, remote device access, or personal identification information (SSI numbers, Medicare IDs, financial account numbers) is introduced after trust is established.
5. Payment extraction — Wire transfers, gift card purchases, cryptocurrency transfers, and peer-to-peer payment applications are the dominant extraction mechanisms. Gift cards are specifically flagged by the FTC as a near-universal indicator of fraud (FTC Consumer Information: Gift Card Scams).
6. Escalation or re-victimization — Compliant victims are frequently targeted again by the same operation or sold to secondary fraud rings. The IC3 identifies repeat victimization as a structurally significant pattern in elder fraud datasets.

Technical vectors include phishing emails, smishing (SMS phishing), spoofed caller ID, malicious pop-up alerts simulating antivirus software, and remote access trojans (RATs) installed through fraudulent technical support interactions.

Common Scenarios

The FTC and FBI jointly classify elder-targeted cyber scams into the following primary typologies:

Government impersonation fraud — Perpetrators pose as Social Security Administration, Medicare, or IRS officials claiming the victim's benefits are suspended, that arrest warrants are pending, or that back taxes are owed. Payment is demanded via wire transfer, cryptocurrency, or gift cards to avoid fabricated legal consequences.

Tech support fraud — A browser pop-up or cold call claims the victim's computer is infected. The "technician" requests remote access using legitimate tools (AnyDesk, TeamViewer) and either installs malware, harvests credentials, or directly initiates unauthorized bank transfers. The FBI's IC3 reported tech support fraud as the third-highest loss category for victims over 60 in 2022.

Romance fraud — Long-term social media or dating platform relationships cultivate emotional dependency before financial requests are introduced. Cryptocurrency investment opportunities are increasingly embedded within romance fraud scripts, a hybrid category the FTC designates "pig butchering" (sha zhu pan).

Lottery and prize fraud — Victims are told they have won a sweepstakes but must pay taxes or processing fees to collect. Upfront payment requests cycle repeatedly, with each payment justified by a new fabricated administrative requirement.

Grandparent scam — A caller impersonates a grandchild (or an attorney or law enforcement officer acting on a grandchild's behalf) claiming an emergency requiring immediate wire transfer or cash. Voice cloning technology has increased the realism of impersonation in this category.

Investment and cryptocurrency fraud — Fraudulent investment platforms, often promoted through social media advertising, solicit funds under the promise of high-yield returns. The SEC's Office of Investor Education and Advocacy specifically identifies seniors as a high-risk demographic for unregistered securities offerings (SEC Investor.gov Senior Investors).

Decision Boundaries

Distinguishing elder fraud from adjacent categories requires applying specific classification criteria:

Elder fraud vs. general consumer fraud — The distinguishing factor is not exclusively victim age but the presence of exploitation tactics calibrated to older adults: loneliness exploitation, cognitive vulnerability targeting, authority impersonation leveraging government benefit dependency (Social Security, Medicare), and asset profiles typical of retirement-stage finances. The Elder Justice Act's 60-year age threshold is the operative federal definitional boundary, though state statutes vary; California Welfare and Institutions Code § 15610.30 defines elder financial abuse beginning at age 65.

Criminal fraud vs. civil consumer protection — Conduct meeting the elements of wire fraud (18 U.S.C. § 1343) or mail fraud (18 U.S.C. § 1341) falls within criminal federal jurisdiction. Deceptive practices that do not rise to criminal threshold may be pursued civilly by the FTC under Section 5 or by state attorneys general under state consumer protection statutes. Both tracks can proceed in parallel.

Cyber-enabled fraud vs. cyber-dependent fraud — Cyber-enabled elder fraud uses digital channels as delivery infrastructure for schemes that could theoretically exist offline (impersonation calls, investment solicitations). Cyber-dependent fraud requires the digital environment to function at all — credential harvesting malware, remote access trojans, and cryptocurrency extraction are examples. The distinction affects which law enforcement agencies have primary jurisdiction and which technical response protocols apply.

Mandated reporting obligations — Financial institutions subject to FinCEN's 2022 advisory on elder financial exploitation are expected to file SARs for transactions exhibiting exploitation indicators. Healthcare professionals in 47 states operate under mandatory reporting statutes for elder abuse, including financial abuse. APS agencies receive and triage mandatory reports; federal criminal referrals are separate from APS civil intervention processes.

Professionals navigating service sector resources related to this category should reference the How to Use This Cyber Safety Resource page for structural orientation before engaging individual listings.

References

• FBI Internet Crime Complaint Center (IC3) — 2022 Elder Fraud Report
• Federal Trade Commission — Gift Card Scams Consumer Information
• Federal Trade Commission — Consumer Sentinel Network
• SEC Office of Investor Education and Advocacy — Senior Investors
• Consumer Financial Protection Bureau — Elder Financial Exploitation
• FinCEN Advisory FIN-2022-A002 — Elder Financial Exploitation
• Elder Justice Act, 42 U.S.C. § 1397j — Cornell LII
• DOJ Elder Justice Initiative
• CFPB — Suspicious Activity Reports and Elder Financial Exploitation Guidance