The FBI's 2024 Internet Crime Report documented $3.4 billion in losses attributed to elder fraud — and email is the primary delivery channel for the majority of those attacks. This is not a technology problem your parent can solve with more caution. It is a systemic targeting problem, and it requires a systemic response. This guide explains why seniors are targeted, what the seven most common attack types look like, and exactly what to set up to reduce your family's exposure.
Why Seniors Are Disproportionately Targeted
Scammers are not random in their targeting. Older adults are specifically sought out for four compounding reasons:
Cognitive load and trust disposition
Research in behavioral economics shows that older adults tend to apply higher baseline trust to communications that appear official. This is not naivety — it reflects a lifetime of operating in an era when unsolicited letters and phone calls from institutions were generally legitimate. Scammers exploit this calibration.
Digital habit patterns formed before modern phishing existed
Many seniors learned to use email in the 1990s and early 2000s, when clicking links and responding to requests was normal behavior. The threat model has changed dramatically; the habits built during that earlier era have not.
High-value targets with accessible funds
Retirees often have substantial liquid assets — savings accounts, investment accounts, retirement funds — and fewer financial gatekeepers than working adults who might have HR departments or colleagues to sanity-check unusual requests.
Scammers know which authorities are credible
Medicare, the IRS, and Social Security are institutions that seniors have ongoing financial relationships with. An email claiming to be from one of these agencies carries automatic credibility that an email purporting to be from a random bank does not.
By the numbers
Adults over 60 filed 147,127 fraud complaints with the FBI in 2024, representing $3.4 billion in losses. That is more than double the losses reported by any other age group. The median individual loss for seniors was $33,915 — compared to $4,900 for adults under 60.
The 7 Attack Vectors That Work on Older Adults
Understanding what your parent is likely to receive is the first step toward protecting them. These seven categories account for the vast majority of elder email fraud:
Medicare and insurance fraud
Emails impersonating Medicare, Blue Cross, United Healthcare, or other insurers. Common hooks: 'Your coverage will lapse unless you verify your information,' 'You have unused Medicare benefits to claim,' or 'Your new Medicare card is ready.' The goal is your Medicare ID, SSN, or bank account.
IRS impersonation
Emails claiming the IRS has flagged your account, that you owe back taxes, or that you are owed a refund. The IRS communicates exclusively by postal mail for initial contact — any IRS email is a scam. However, the fear response triggered by an IRS subject line bypasses rational evaluation for many recipients.
Tech support scams
Often email-initiated: a message claims your computer has a virus, your Microsoft account has been compromised, or your device is sending malicious traffic. The email directs you to call a number or click a link to 'secure' your device. The actual goal is remote access to your computer and financial accounts.
The grandparent scam
An email purporting to be from a grandchild in crisis: arrested, hospitalized, stranded abroad. The message requests urgent money transfer and asks you to keep it secret from other family members. The secrecy component is a calculated manipulation to prevent the one thing that would stop the transaction: a phone call to verify.
Lottery and prize notifications
You have won a sweepstakes you never entered. To claim, you must pay taxes or processing fees in advance. These scams have existed for decades but remain effective because the emotional pull of unexpected good news is difficult to resist even when skepticism is engaged.
Romance scam email hooks
An initial email from an attractive, successful-seeming stranger who found your email address through a mutual contact or community. These emails are the top-of-funnel entry to a multi-week relationship-building process that ultimately ends in a financial request. The losses per victim in romance scams are the highest of any elder fraud category.
Account verification phishing
Emails mimicking banks, PayPal, Amazon, or email providers, claiming your account will be suspended unless you verify your credentials. The fake login page harvests your username and password. Once access is obtained, it is used immediately — often before you realize anything has happened.
Why Standard Security Advice Does Not Scale
The conventional advice — “just don't click suspicious links” — rests on an assumption that the recipient can reliably identify which links are suspicious. This is not a reasonable assumption when:
- Modern phishing emails are visually indistinguishable from legitimate institutional mail
- AI-generated personalization includes your real name, city, and demographic details sourced from data brokers
- The average senior receives 40-60 emails per day, requiring threat evaluation on every unfamiliar sender
- Standard spam filters catch bulk commercial mail but are not calibrated for targeted single-sender phishing
- Cognitive fatigue from processing large volumes of mail increases the likelihood of a lapse in judgment
Relying on vigilance as the primary defense mechanism means one moment of inattention is all an attacker needs. A defense that works only when the defended person is fully alert is not a defense — it is optimism.
What Actually Works: Reduce the Attack Surface and Add a Second Line of Defense
Effective elder email protection combines two complementary strategies:
AI screens every email before it is opened
Glance's 4-tier detection engine analyzes every incoming email against technical signals (SPF/DKIM authentication, domain age, sender reputation) and semantic signals (urgency language, impersonation patterns, psychological manipulation indicators). High-confidence threats are blocked automatically — your parent never sees them.
Circle of Trust catches what the AI misses
Any email from an unknown sender that passes AI screening is held in a queue and a notification is sent to a designated gatekeeper — typically an adult child or trusted family member. The gatekeeper sees the sender name, email address, and subject line, and approves or blocks with one tap. No email from an unknown source reaches the inbox without a human review.
The combination matters. AI alone has false negatives — sophisticated attacks occasionally get through. Human review alone is too burdensome for gatekeepers to sustain. Together, they create a system where the AI handles the clear cases (the vast majority) and the human checkpoint handles the ambiguous ones. Set it up once, and it runs indefinitely without requiring either your parent or you to think about it daily.
Step-by-Step Family Setup Checklist
This setup takes approximately five minutes and can be completed remotely:
- 01Connect your parent's Gmail account using Google OAuth — two minutes, no password sharing required. Your parent receives a standard Google permission screen and approves with one click.
- 02Add yourself (and any other trusted family members) as Gatekeepers in the Circle of Trust. You will receive notifications when unknown senders arrive.
- 03Set detection sensitivity to High in the account settings. This is the recommended setting for seniors — it maximizes the number of suspicious emails flagged for gatekeeper review.
- 04Import your parent's existing contacts as the initial allowlist. This ensures that doctors, pharmacies, friends, and family are recognized as known senders and their emails are delivered without interruption.
- 05Enable the weekly brief — a digest email to gatekeepers summarizing blocked threats and approved senders for the week. This keeps you informed of your parent's email threat environment without requiring daily involvement.
Glance is free to start — one protected account, full Circle of Trust functionality, no credit card required. For families protecting multiple accounts, the Family Circle plan covers three protected accounts under one subscription.
Protect Your Parent FreeFrequently Asked Questions
Is it safe to connect my parent's Gmail account through OAuth?
Yes. Glance uses Google's official OAuth 2.0 authorization flow — the same technology used by apps like Zoom and Slack to connect with Google. You grant specific, limited permissions (reading sender metadata, subject lines, and headers). Google displays exactly what permissions are being granted before you confirm. You can revoke access from your Google Account security settings at any time.
Does Glance read the content of emails?
No. Glance uses a zero-persistence architecture. Email body content is processed in memory for threat analysis and then discarded — it is never written to persistent storage. Glance's servers never hold a readable copy of your parent's email content.
What happens to emails from my parent's regular contacts?
Emails from senders on the allowlist — family, doctors, pharmacies, friends — are delivered instantly with no interruption. Only emails from senders your parent has never received mail from before are held for review. Building the initial allowlist by importing existing contacts takes about two minutes.
What if my parent wants to see a blocked email?
Your parent retains full control. If they want to review a held email, any gatekeeper can release it with one tap, and it will be delivered immediately. The Circle of Trust is not a prison — it is a second opinion. The protected person can always override it.
Can you set up Glance remotely for a parent in another city?
Yes. The entire setup process can be completed remotely. You create the account, add your parent's email as a protected account, and they receive a simple one-click confirmation email. No in-person visit, no technical knowledge required on your parent's end. The most common setup method is a five-minute video call while you walk through the confirmation together.
Stop the Most Likely Threat Your Parent Faces
Five-minute setup. Free forever for one protected account. The Circle of Trust works while you sleep.
Get Protected Free