How Retirees Can Protect Themselves from Email Scams

Author: Michelle Dodd |  Editor: Celia Fleming

Estimated Reading time: 10 minutes

Our lives have become deeply digital. Many daily tasks, from managing finances to basic services, now rely on technology. Older generations often learn these new digital systems without proper guidance on keeping their activity secure.

For instance, your smartphone:

  • Stores biometric data like fingerprints and facial recognition
  • Uses GPS and geolocation for navigation
  • Manages passwords and transactions
  • Keeps track of contacts, call history, and messages
  • Monitors your health, fitness, and movement
  • Controls smart home features (if you have a smart home)

All this digital activity creates a trail of data that can be exploited. As we see a surge in cybercrime, we should be aware of the risks associated with our online footprint.

In this article, we’ll explore the most common type of cybercrime: email-based scams, also known as phishing. We’ll show you what to look for, and provide a few techniques to ensure that you always have the upper hand.

Let’s dive in…

Retiring soon? Listen up

Awareness of cybercrime is vital if you are in or approaching retirement. Here’s why:

Financial vulnerability at retirement

At retirement, you may suddenly have access to large amounts of money in savings, investments, and pension funds. The sad truth is that this makes you a prime target for cybercriminals. That’s why you always need to keep your data and information secure.

Cybercrime is becoming more sophisticated

If you are unfamiliar or find it difficult to keep up with the ever-evolving list of cybercrimes and the security practices involved in mitigating them, you are more susceptible to falling victim to them.

Older individuals manage sensitive personal information more frequently

Many older individuals manage sensitive documents online, such as healthcare records, identity details, and insurance information. Understand that you are vulnerable if you manage this kind of documentation in an unsecured environment.

Cybercriminals frequently target older persons

Cyber scammers often tailor their attacks towards older populations, offering fake retirement investment opportunities, fraudulent health services, or posing as government agencies.

How cybercriminals can use your data

Here are a few scary things cybercriminals can use your data for:

Identity theft

Identity theft can severely impact your retirement plans. Imagine waking up one day to find your retirement savings depleted, credit cards maxed out, and loans opened in your name — all without your knowledge. Cybercriminals can easily steal your identity with just a few pieces of personal information, leaving you to navigate a complex web of financial and legal problems.

Credit card fraud

What if you received a message from your bank notifying you of a credit card bill with charges you don't recognise, only to discover that someone has been using your card without your knowledge? Credit card fraud can lead to financial losses and damage your credit score, causing significant stress. It's important to monitor your account activity regularly, and report any suspicious transactions promptly to protect your hard-earned money.

Account takeover

Cybercriminals can stealthily infiltrate your online accounts (like shopping or payment services), leaving you oblivious to their unauthorised purchases or transfers until it's too late. The financial damage and potential legal repercussions can be devastating, so it is crucial to safeguard your accounts with strong passwords, two-factor authentication (which is easy to set up), and vigilant monitoring.

Social engineering

Malicious actors may use deceptive tactics to trick you into revealing sensitive information or performing actions that could compromise your security. These attacks often involve impersonation, phishing emails, or fraudulent phone calls designed to exploit your trust and gain access to your accounts or personal data.

Staying vigilant at all times

Being aware of the risks tied to your online activity and staying vigilant are key to protecting your personal information. But how can you recognise when you're at risk of falling victim to cybercrime?

Let’s dive into the common things you should watch out for.

Phishing: your inbox can be your biggest weakness

In today's digital world, your inbox can be your most significant vulnerability, especially as phishing scams become more sophisticated. Phishing attacks have surged since the pandemic, with hackers using the information they collect to:

  • Steal your usernames and passwords
  • Make unauthorised purchases
  • Access your bank accounts
  • Request new account PINs
  • Damage your credit score
  • Sell your personal data

What is phishing?

Phishing is a deceptive technique used to gather personal data, often carried out through email.

Here’s how a phishing attack typically unfolds:

  1. Initial contact: A hacker locates your contact information online and sends you an email containing a link. This email is crafted to resemble a legitimate email, and is expressly designed to persuade you to click on this dangerous link.
  2. Malware installation: Once you click the link, malicious software is discreetly installed on your device. This allows the hacker to access and download your personal data.
  3. Further exploitation: With your data compromised, the hacker may deploy additional harmful software such as malware, ransomware, or trojan-based software to exploit your device and information further.

Phishing attacks are swift and simple, making it crucial to remain vigilant and discerning.

How to spot phishing scams in your inbox

The good news is that stock-standard phishing is relatively easy to spot. Here’s what you should always look out for.

Easy-to-spot signs

  • An email address that doesn’t match the supposed sender's domain
  • Generic greetings like "Dear Customer" instead of your name
  • An overall structure that feels strange and untrustworthy
  • Suspicious links or attachments that you weren’t expecting
  • Unusual or unexpected requests for personal information
  • A subject line that threatens you with something, such as a terminated account
  • Urgent language demanding immediate action
  • Noticeable spelling and grammar errors

Email requests from fraudsters include phrases such as:

  • You need to log in to your account to prevent it from being suspended
  • You need to log in to your account as you have been a victim of fraud
  • You have violated terms and conditions
  • You've received money in your account

Remember: Never click on links in an email that claim to be from your bank, government agency, online retailer, debt collector, or service provider. Always check the URL of the website the link wants to take you to — if it looks suspicious, avoid it! A suspicious link might have strange spellings, extra numbers, or unfamiliar domain names (like ".xyz" instead of ".com"). If unsure, it's safest to visit the official website directly by typing the URL into your browser.

A few more ‘not so obvious’ things to look out for

The signs that you are being scammed are often not as obvious as the examples above. So, be mindful of the following subtle indicators:

Requests for personal data

Always be wary of emails asking you to confirm personal details through forms, replies, or links. Legitimate companies and banks never ask for sensitive information this way.

Spoofed authority emails

Watch out for emails that seem to come from trusted sources but have slight variations in the sender’s email address. These emails often create a sense of urgency, asking you to perform pressing tasks. Always double check the sender’s email address; report it or mark it as spam and trash the email if it doesn’t look legitimate.

Fake virus alerts

Cybercriminals tend to send alarming emails claiming your device is infected with a virus to trick you into downloading malware. Legitimate antivirus companies do not notify you via email. If you suspect an infection, delete such emails and run a system scan with your antivirus software.

Suspicious attachments and links

Avoid opening attachments or clicking links from unknown sources. Emails with ZIP files, PDFs, or invoices can carry malware. When in doubt, delete the email, or if you need to verify its content, contact the sender through a known, trusted method.

How you can avoid phishing entirely

Avoiding email fraud is easier than you might think. By following these simple steps, you can effectively identify and steer clear of scams:

  1. Speak up: If in doubt, always reach out to family and friends for guidance before clicking on any unfamiliar links or giving up any personal information such as identity numbers, addresses, or banking details.
  2. Geolocation filtering: Most emails show the location of where they originally came from. You can filter your email options to block messages originating from a country or region with higher fraud cases such as:
    ○       Nigeria
    ○       Russia
    ○       China
    ○       Romania
    ○       India
  3. Zero Trust Policy: One useful practice is to use a no-trust approach in your emails. Consider every email you receive as suspect until you confirm otherwise.
  4. Run antivirus programs and other security software: Scan and confirm that all incoming messages are valid. Your software will slow down your inbox slightly, but you can be sure that your data is protected from possible threats.

What Just SA would never do

At Just SA, keeping your personal information safe and secure is our top priority. To ensure you stay protected from cyber threats, it’s important to know what we will never ask you to do:

  1. Request confirmation of personal data via email links: We will never ask you to confirm your personal information by clicking on any links in an email. We may request certain documentation to support our processes, but if in doubt, call our call centre directly on 087 238 2690 to confirm the request. 
  2. Send spoofed authority emails: Just SA will not send emails that use slightly altered email addresses. Always verify an email's authenticity through our official channels if it seems suspicious or overly urgent.
  3. Use fear tactics to induce action: We never coerce you into downloading attachments or clicking links. If you receive such messages, delete them and contact our support team for guidance.
  4. Send unsolicited attachments or links: Don’t expect unsolicited attachments or links from us. If you receive an unexpected attachment or link, especially from an unknown source, do not open it. Instead, reach out to us directly to confirm its legitimacy.

Have you received anything suspicious?

If you’ve received anything that seems suspicious from a sender claiming to be Just SA, , don’t hesitate to contact us for assistance, and we’ll help you verify their authenticity.

About the author

Michelle Dodd

Marketing Manager

Michelle started her career in market research, which provided a good grounding and understanding of various target markets both locally and internationally. Progressing to more of a generalist marketing role, she focused on event management and communications, and this is where her passion for writing and editing evolved. 

Michelle has worked in financial services marketing for over 15 years including international family office, Stonehage Fleming and Old Mutual Wealth. She is currently pursuing her passion for plain language and clear, relevant communication as Just SA's marketing, PR and digital manager. 

Michelle holds a Business Science degree from the University of Cape Town with honours in Marketing.

Contents

1. Why cybercrime awareness is vital
2. How cybercriminals can use your data
3. Phishing: your inbox can be your biggest weakness
4. How you can avoid phishing entirely
5. What Just SA would never do

Cookie Notice

We use cookies to ensure that we give you the best experience on our website. Are you happy for us to use cookies? Read our Cookie Policy