Email scams have become one of the fastest ways scammers steal money from older adults. A single click can expose bank accounts, personal data and retirement savings built over a lifetime. That growing risk is what prompted Bob to write to us with a question many families are now facing:

“My friend’s father is 95 and absolutely lives through his phone/laptop. He refuses to give up either and often clicks on email links. A few years ago, he got caught up in a gift card scam that almost cost him his life savings. It’s not taking away the car keys anymore; it is taking away the email and access to online banking! What do you recommend that his daughter do to protect his online presence?”

Bob is right. For many seniors, email and online banking have replaced car keys as the most dangerous access point. The goal is not to take devices away. It is to quietly put guardrails in place so one bad click does not turn into a financial disaster.

Here is a practical plan families can actually use.

HACKERS ABUSE GOOGLE CLOUD TO SEND TRUSTED PHISHING EMAILS

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

 1) Separate money from daily email use

Start by limiting how much damage a single click can cause. If possible, remove online banking access from the devices used for email. When that is not realistic, open a second checking account with only everyday spending money and link it to a debit card for routine purchases.

Keep primary savings accounts offline or set to view-only access. If available, require in-branch or phone verification for transfers above a set amount. This way, even if credentials are compromised, the largest accounts remain protected. 

2) Lock down email to stop scams targeting seniors

Email is the number one entry point for scams targeting seniors. Strong filtering matters. Use an email provider with advanced spam protection, such as Gmail or Outlook.com. In the email settings:

• Turn off automatic image loading
• Disable link previews
• Block or auto-quarantine attachments from unknown senders
• Automatically move messages from unknown senders to a Review folder

If available, enable warnings for emails that use familiar display names but come from unfamiliar addresses. This helps stop impersonation scams that pretend to be family, banks or service providers. These steps slow scammers down and reduce impulse clicks before damage happens.

Email is dominant, but voicemail and callback scams are also growing fast among seniors, often as a follow-up to phishing emails. If possible, silence unknown callers and block voicemail-to-email transcription for unfamiliar numbers, since many scams now start with urgent callback messages rather than links.

3) Add a trusted second set of eyes

Next, add safety nets that notify family members when something looks wrong. Enable banking alerts for large withdrawals, new payees, password changes, unusual logins and new device sign-ins. Add his daughter as a trusted contact wherever the bank allows it. If available, enable delays or approval requirements for first-time transfers to new payees. This creates a cooling period that can stop scam-driven transactions. For email accounts, set up a recovery contact so that his daughter is notified immediately if someone attempts to access or reset the account.

Enable two-factor authentication (2FA) on email and banking accounts, but pair it with device and transfer alerts, since many scams now succeed even when 2FA is enabled.

4) Harden devices so clicks do not equal catastrophe

Devices should be set up to fail safely. Keep operating systems and browsers updated. Make sure the laptop uses a standard user account instead of an administrator account. This prevents software from installing without approval. Install real-time protection that blocks scam sites before they load. Strong antivirus software helps block malicious links and fake login pages automatically.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

5) Use a password manager to block fake logins

Password reuse makes scams far more dangerous. Fake pop-ups and lookalike websites are designed to trick people into typing usernames and passwords by hand. A password manager removes that risk by storing credentials securely and autofilling them only on legitimate websites. If a page is fake or malicious, the password manager will not fill anything. That simple refusal often prevents account takeovers before they start. Password managers also reduce frustration by eliminating the need to remember or reuse passwords across email, banking and shopping accounts. When set up correctly, this protection works quietly in the background on both phones and laptops.

Many phishing scams no longer rely on obvious fake emails. They rely on realistic login pages. Autofill protection is one of the most effective ways to stop these attacks without changing daily habits.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

MALICIOUS CHROME EXTENSIONS CAUGHT STEALING SENSITIVE DATA

6) Freeze credit and monitor identity exposure

If scammers already have personal information, prevention alone is not enough. Freeze credit with Experian, TransUnion and Equifax to prevent new accounts from being opened. Also, place freezes with ChexSystems and the National Consumer Telecom and Utilities Exchange to stop criminals from opening bank accounts, phone lines, or utility services in his name.

If possible, request an IRS Identity Protection PIN to prevent tax-related identity theft.

Add ongoing identity monitoring so suspicious activity triggers alerts quickly. Identity Theft companies can monitor personal information like your Social Security number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.

7) Set clear rules around scams and payments

Technology helps, but expectations matter. Have one calm conversation and agree on simple rules:

• No gift cards for urgent emails or texts
• No sending money through unfamiliar apps or cryptocurrency
• Always call a trusted family member before acting on urgency

Post these rules near the computer or phone. Visual reminders reduce panic decisions. Also, before setting rules, choose one primary trusted contact. Multiple helpers can slow response during urgent scams and create confusion when fast decisions matter. That person should be the default call for anything urgent involving money, account access, or unexpected requests.

8) Reduce exposure with a data removal service

Scammers often find seniors by pulling personal details from public data broker websites. These sites publish phone numbers, addresses, relatives and age information that make targeting easier. A data removal service works behind the scenes to opt seniors out of these databases and reduce how much personal information is publicly available online. Fewer exposed details means fewer scam calls, fewer phishing emails and fewer impersonation attempts. This step does not stop every scam, but it significantly lowers how often seniors are targeted in the first place.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

9) Use senior-friendly monitoring tools the right way

Many tools designed for child safety also work well for seniors when used thoughtfully. When configured correctly, they add protection without interfering with daily routines.

Below are device-specific steps families can use today.

iPhone and iPad

Apple’s built-in Screen Time tools provide strong protection without installing extra apps.

What to set up:

• Open Settings and tap Screen Time
• Turn on Screen Time for the device
• Tap Content & Privacy Restrictions and turn it on
• Under App Store Purchases, set app installs to Don’t Allow
• Tap Web Content and limit access to approved or safe websites
• Set a Screen Time passcode known only to the caregiver

If the caregiver wants remote visibility or control, add the device to Family Sharing and manage Screen Time from the caregiver’s Apple ID.

BROWSER EXTENSION MALWARE INFECTED 8.8M USERS IN DARKSPECTRE ATTACK

Why this helps: It blocks many scam sites, prevents accidental app installs and stops fake update prompts from causing damage.

Android phones and tablets

Android offers built-in protections and optional supervised controls.

What to set up:

Settings may vary depending on your Android phone’s manufacturer

• Open Settings and go to Digital Wellbeing & parental controls
• Turn on parental controls for the device
• Restrict app installs and require approval for new downloads
• Enable Safe Browsing and website filtering
• Turn on alerts for new app installs and account changes

For families who want shared oversight, Google Family Link can be used to supervise app installs and receive alerts, as long as both parties agree.

Why this helps: Many Android scams rely on fake app installs. These settings block that path.

Windows computers

Windows protection works best when user accounts are set correctly.

What to set up:

• Create a standard user account for daily use
• Keep the caregiver account as the only administrator
• Turn on Microsoft Family Safety if available
• Enable SmartScreen and browser phishing protection
• Block software installs without administrator approval

Why this helps: Malware often installs silently on admin accounts. This setup prevents that.

Mac computers

macOS includes built-in controls similar to those on iPhone and iPad.

What to set up:

• Create a standard user account for the senior
• Limit administrator access to a trusted caregiver
• Open System Settings and enable Screen Time
• Restrict app installs and system changes
• Keep built-in malware and phishing protections enabled

Why this helps: It prevents fake software updates and malicious downloads from installing.

10) Best practices for all devices

• Use alert-only or limited-control settings whenever possible
• Review settings together so expectations are clear
• Avoid tools that feel invasive or confusing
• Focus on blocking harm, not monitoring behavior

This is not about spying. It is about adding digital seatbelts while preserving independence. When used respectfully, these tools reduce risk without changing daily habits.

Pro Tip: Use a secure email service for added privacy

For families looking to go a step further, switching to a secure email service can significantly reduce scam exposure. Privacy-focused email providers are designed to limit tracking, block hidden tracking pixels, and reduce how much data advertisers or scammers can collect from inbox activity. Many secure email services also offer disposable or alias email addresses for one-time signups. If an alias starts receiving spam or scam messages, it can be disabled without affecting the main email account. This makes it easier to keep a primary email address private and limit long-term exposure. Secure email platforms typically include features like encrypted messages, no advertising and stronger privacy controls. While switching email providers is optional, it can be a useful upgrade for seniors who receive large volumes of spam or have been repeatedly targeted by scams.

Why it matters: Less tracking means fewer scam attempts. Aliases reduce how often personal email addresses are exposed, without changing daily habits.

For recommendations on private and secure email providers that offer alias addresses, visit Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

Protecting seniors online is not about control. It is about prevention. Email scams are designed to exploit trust and urgency, especially in people who did not grow up with digital threats. Smart guardrails protect independence while preventing irreversible mistakes. If email and banking are today’s car keys, families need modern safety features to go with them.

If your parent clicked a scam email right now, would you know before the money was gone? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.