It’s not news that especially grabs attention, because it’s becoming increasingly common. A new banking scam is using WhatsApp to deceive users through video calls in which criminals pose as the bank and ask for passwords and verification codes, which they then use to withdraw money from the accounts. It’s a very simple tactic, and the most common victims are the elderly.
The world’s population is aging today faster than in previous decades. According to the World Health Organization, between 2015 and 2050 the proportion of people over 60 years old will nearly double, rising from 12% to 22%. This demographic change is much more a statistical data point, as it has a profound impact on how we relate to technology. It’s no longer just young people or active workers who use it; it has become a fundamental tool for seniors to communicate, stay informed, manage procedures, or even take care of their health from home.
While it’s true that the elderly are increasingly integrated into digital life, this same door has opened a space of risk, as they have become one of the preferred targets of scammers online, who take advantage of their vulnerability. As beginner users, and not digital natives, the elderly tend to trust messages, calls, or emails from strangers simply because they seem friendly or convincing. They also find it harder to move freely in digital environments and do not always have someone nearby to help them check if something is real or a trap. This is compounded by the fact that their devices are not always well updated or equipped with the appropriate protections.
According to a study by Kaspersky on the digital habits of seniors, 44% of Spaniards over 65 years do not have any cybersecurity solution installed on their devices; 32% accept terms and conditions without reading them when downloading applications; 30% reuse passwords; and 29% keep geolocation permanently activated. These behaviors, although they may seem harmless, are open doors for digital offenders. The same study indicates that, despite 82% of people over 65 claiming they have not been a victim of any type of cyberattack, 11% admit to having unintentionally downloaded a virus and 7% acknowledge having received a message asking them to click on a fraudulent link where they entered their personal data.
On the other extreme, cybercriminals are becoming increasingly agile and better organized, as demonstrated by the speed at which new types of cybercrime continuously emerge.
In 2023, for example, there were more than 286 million attempts of fraud via SMS and WhatsApp in Latin America, making the region a leader in this type of cybercrime. Around 39% of Latin American citizens have been victims of digital fraud, with a 45% increase in 2023 compared to the close of the first half the year. In the United States, the impact of cybercrime has reached unprecedented levels. In 2024 alone, the reported losses exceeded 16 billion dollars, an increase of 33% compared to the previous year, according to the FBI. The number of complaints was also high, with nearly 860,000 cases recorded, although the authorities warn that the actual figures could be much greater because many cases of crimes go unreported. The elderly were especially affected, with more than 147,000 complaints and losses of around 4.8 billion dollars.
In Europe, cybercrime also represents a growing threat that is very costly for the economy and institutional security. Eurojust reported that in 2024 the number of cybercrime cases increased significantly, and the agency supported 50% more joint investigation teams (JIT) and coordination between member states to dismantle ransomware networks, malware, or investment fraud.
The types of scams do not differ significantly from one country to another, but their scale and complexity highlight the global nature of the problem: identity impersonation (a friend or family member urgently asks for money after being hacked); phishing with malicious links that download malware such as FluBot or banking trojans; fake delivery charges that request payments to release shipments; fraudulent job offers that ask for banking details or administrative fees; financial scams that assume the identity of banks or advisors to drain accounts; fraudulent investments promising cryptocurrencies or gold to lure victims into pyramid schemes; and even social engineering to take control of WhatsApp accounts—when criminals pose as technical support or a telecom company and trick users into handing over verification codes.
How should they protect themselves? The answer is in prevention and training. It’s not enough for older people to increasingly use electronic devices—they need to be aware of the dangers they are exposed to and protect their personal information. They must learn to detect a suspicious situation and to react in time.
Education has to adapt to these users. Far from incomprehensible technical jargon, it should be based on concrete examples: teaching them that a bank will never ask for passwords via WhatsApp; that a video call from an unknown person is always suspicious; or that creating a strong password can be as simple as combining familiar words with numbers. If, despite all the precautions, they are victims of a scam, it’s necessary that they know exactly what to do and who to turn to.
In light of this situation, there are already initiatives that demonstrate that the digital divide can be narrowed with the appropriate methodologies. An example is Ciberseniors by the Fundación Cibervoluntarios, which is focused on training people over 55 years old, especially those living in rural areas, to learn how to use mobile applications in their daily operations. It’s not only about teaching them to handle a phone or a computer, but it includes practical training to navigate with caution, protect passwords, recognize suspicious links, and detect fraud attempts.
Another example is the PIDA project (Digital Inclusion Points), promoted by AlfabeTICs60. Its objective is to bring technology closer to the elderly through a network of permanent points of attention in neighborhoods and municipalities. There, the elderly receive training, individualized advice, access to devices, and spaces for socialization. Peer mentoring and collaboration with associations, public centers, and volunteers are also promoted, so that each participant feels supported.
At MAPFRE, we believe cybersecurity should be woven into our daily habits as naturally as we care for our health or physical safety. This conviction is based on a fundamental principle: the protection of older people in the digital environment cannot rest solely on experts, but requires a collective commitment. That is why we promote internal training programs like ‘The Firewall Mindset,’ which, as stated in our 2024 Corporate Governance Report, has trained over 21,000 employees worldwide in digital best practices and culture of security.
As a global insurance company, our approach is based on three pillars: prevention, assistance, and trust. We support our customers in the adoption of simple preventive measures, we provide technical support in case of incidents, and we maintain clear communication with them so they understand how to protect themselves. Digitalization is advancing quickly, and our priority is that no one is left behind.
To reduce the risk of falling for these scams, experts insist on a series of measures that are basic but decisive. The first is to never share verification codes, whether sent by SMS or by WhatsApp, because neither banks nor operators ever request them. It is also essential to enable two-step verification, an additional barrier that makes it difficult to hijack the account. Furthermore, it is advisable to be wary of any urgent or unexpected message and to always confirm through another means, such as a call or an independent message, the identity of the person who supposedly wrote it. Finally, users should never click on suspicious links or download files whose origin is not verified.
The goal is not to turn older people into technology experts, but to restore the trust that fraudsters take away from them, and for the digital world to fulfill its promise: to connect, not to exclude.