Hacker News new | past | comments | ask | show | jobs | submit login
How Criminals Steal $37B a Year from America’s Elderly (bloomberg.com)
133 points by arbuge 3 months ago | hide | past | web | favorite | 87 comments

I caught my grandfather's caretaker, along with my aunt and uncle (who had POA), stealing more than half his net worth. This began after a stroke left him cognitively impaired with 24/7 care. I did a complete financial audit and there were some minimal phone scam payments, but by far the bulk of the financial exploitation came from the caretaker and family members. He was left so financially ruined that I had to move him out of his home at age 89.

I ended up petitioning for guardianship and won. This was a painful and long process but it was ultimately the only logical choice.

Part of the problem is the secretive nature of finances. My aunt and uncle did most of their theft by putting undue influence on my grandfather to get him to sign things and then claim he was the one making all of the decisions. This undue influence included threatening him that they would abandon him if he didn't do what they wanted. The court overwhelmingly showed his incapacity which made these lies obvious.

To make matters worse, there were over a dozen amendments to my grandfathers estate documents within a 2 year period. You'd think there would be a lawyer that says no to these things, but it turned out my grandfahter's lawyer was later found complicit. He was disbarred because he got caught stealing money from several of his elderly clients.

And my grandfather's financial advisor knew about all the abuse as well, but did not do anything about it. He claimed he was alerting the POA (my uncle) about it all along, but he wasn't able to do anything else.

When I reported it to the police they did open up an investigation, but they put it on the backburner. Why? Because elder abuse is not well understood by law enforcement. When the culprits are the victims family members, it is just not taken as seriously.

The bottom line is that elder abuse is a complex problem. It isn't one that can be solved with technology alone. It will take a combination of technology, the law, and awareness. Even then, it will be difficult to solve.

This is a reason why we must fight against too much of our data being put online, by accident or by design. My parents complain of getting these calls where the callers give details which are often quite accurate, and then fish for really confidential information. Vendors like Google being tied to everything from flight booking to wedding receptions has led to this situation. It makes harvesting of information pretty trivial.

I feel like fraud is America's fastest growing sector, and that frightens me a lot. The burden of proof is far too much on the consumer, and even what should be slam dunk cases are not investigated. A coworker bought an expensive camera from Japan. The seller sent him tracking info and serial number. He was excited for days for it to arrive, and when it did he got an empty box. A few days later, an e-bay listing for the same, rare model of camera showed up in the area. He called the number, got a call back, and caller ID matched a dude who matched the name of his delivery driver and was listed on Facebook as a working for the company. Should be a slam dunk, right? Police were thoroughly uninterested in a $1500 item that was incredibly obvious. Insurance simply paid out.

I've had my credit card stolen twice times, including one that was clearly part of the target hack , though wasn't obvious at the time - at the time, it was simply a fraudulent charge that my bank caught despite being made at my local target (which itself gives me pause, because how did they know it wasn't me?) That happened in the right time range. Most people I know have had it happen to them. Quite frankly, I've known several unclassy people who have engaged in such behavior - they pretty much bragged about it, and so I stopped hanging with groups that would allow them to join (and then laughed when reading Facebook posts from former friends that they were dealing with said fraud)

In conversations about scams, a lot of people blame the victim or say something like, "well just don't be a sucker", or claim to take a very naturalistic view where we're all dogs just trying to become top dog. I've thought about this, and I think a big part of it is that the people who say that believe themselves to be decent people but ultimately want to leave open the option of acting scummy themselves in the future (because it makes your life easier) or perhaps have acted scummy in the past, or currently, and they want to avoid cognitive dissonance. You can't admit that it's wrong and keep doing it without thinking you're a crappy person.

So be very wary of people who show a hesitance to empathize with victims.

On another note, our government and society as a whole just doesn't give a damn about victim-assisted fraud. There are cases where billions of dollars have been stollen from pensioners and it is obvious who is responsible (often an open secret) but nothing is ever done. If you want to make money being a terrible person just commit victim-assisted fraud and spread each crime across multiple jurisdictions.

I can see a few other aspects behind this. First is "I learned it by watching you" - people become fiscally successful without merit through scumbaggery which promotes a cynical view that ethics are for keeping suckers in line.

Second is a "don't feed the trolls" thing. By falling for it they actively make the problem worse even for people who are savvy. If nobody fell for spam and scams they would go out of business.

Finally the classic victim blaming for mental security, just world and such. I won't be scammed because I'm not a moron. I won't suffer police brutality because I'm not a criminal.

If people brag to you about cheating/conning/lying/stealing/suing, they'll do it to you sooner or later. If they tell you other peoples' secrets, you can be sure they'll be telling others your confidences.

It's likely mis-attributed (or made up entirely) but there's a story I seem to recall about Teddy Roosevelt.

He fired a ranch hand for stealing a neighbor's cattle. Someone asked him "Why would you do that?" he responded with:

"Anyone who steals from my neighbor has no problem stealing from me".

If you think you get a lot of junk/scam phone calls, get back to me after you turn 60. My parents' volume of junk calls has pretty much increased by 50% year on year, every year after they retired. It's never-ending. I was shocked when I went home for Thanksgiving to visit. They get these calls every 30 minutes or more! And the scammers are getting even smarter and bolder. One ploy they have is they pose as a family member who's in trouble or needs a loan right away. Or the scary "IRS is gonna call the cops" one. Or the standard "I'm from your credit card" or "you won a sweepstakes!"

Sit down and have the talk with them. Even if you think they're cynical enough or that they (currently) have the mental wherewithal to not fall for this crap, sit them down and give them the briefing.

The FCC and phone carriers have proven for decades that they don't give a single shit. They're not willing to solve it. This needs to be solved by elder education, and as [most of us here are] younger people, I think we have a moral duty to make sure that education happens.

The problem is not going to be solved by elder education. The mind decays to a state where education doesn't matter in the long run. Manipulation tactics with consistency will win when dealing with an elder person who is not the same person everyday because simple things have become a chore. Basically the responsibility should never be on a person above 60. People need to demand responsibility in full by banks & phone carriers. The young generation don't necessarily have a moral duty in this because the current generation is getting shit on by the previous. If anything I doubt anyone cares unless they have greed for inheritance or love their "own" family members.

I think one solution people have come up with is to have older family members put money into "trust" in which they are the beneficiaries. Presumably having this setup, while it costs money, prevents someone who is loosing thier faculties from being able to be scammed as they don't have direct access to all their money.

Going after the scammers would also be helpful, as I haven't seen much enforcement.

Speaking as an older person, a relative bringing that up would raise red flags for me ;)

A trust is very important for retaining an inheritance for heirs if you're ever placed in a nursing home. If you're in a home, Medicaid will require you to spend almost all of your assets down before it will pay for nursing home care (Medicare does not pay for nursing homes). You can avoid this by placing your assets in a trust. You must do this at least 5 years before entering a nursing home or Medicaid can go after sheltered assets.


A better option is to buy long term care insurance.

It’s very sound financial advice. It’s especially valuable for married couples where the risks essentially double.

Diminishing mental capacity is a very real issue. You might feel this is extremely unlikely, but you only need to fail once.

Well, setting up the trust could itself be the fail.

Consider one of the examples in TFA. Philip Marshall sought guardianship of his grandmother, Brooke Astor. To protect her from his father, Anthony Marshall. Sure, Anthony Marshall eventually went to jail. But I can easily imagine a version where Philip Marshall was the villain.

Sure, this stuff is not without risk. But, personally I would rather go through this stuff as for example a mentally sound 70 year old and then just not worry about it.

It’s like keeping 20k in a checking account. It’s a good idea to have cash on hand and safer than keeping such money at home, but plenty of people had that money stolen via electronic transfer. Choosing which risks to take and how much effort you’re willing to spend avoiding those risks is just part of life.

PS: My Mothers financial adviser put it like this: “Do you trust your kids? If you do then you can simply things, but if you don’t their are other steps you can take.” Personally, I don’t nessisarily trust my future self to make great choices all the time, but if you do then don’t worry about this stuff.

> Personally, I don’t nessisarily trust my future self to make great choices all the time, but if you do then don’t worry about this stuff.

I get that. It's a tough problem. What I wonder is whether my future self might make choices that seem bad now, and would seem bad to a guardian, but might make sense for me then. Or at least, would be what I wanted to do, then.

I am betting that I won't become more trusting as I get older. Or at least, that's not been the pattern, so far.

The gov't says they need total phone surveillance to watch for terrorists, but can't seem to keep a flood of criminals from using the same phone line to say they are from the IRS and still billions from our elderly. How can they protect me from a terrorist if they can't protect my mom from a scammer?

They don't really care to protect your mom from a scammer. They probably could if they really wanted to, they just don't care to.

I mean they cracked down on the mafia, RICO and all that. You really think they can't nab a few phone scammers?

Last time I checked there the war on drugs was lost and criminal activities are doing pretty good in the US.

But I agree nonetheless that this kind of activity is certainly at the very bottom of their preoccupation.

It even surprises me because elderly are good voters so it should be politically beneficial to solve their problem, especially when it's something as simple and non-partisan as this. It seems so easy to just say "We protect our elderly and jail the awful criminals to abuse them" and just do it and win some nice popular vote for a super small cost, seems weird that it does not happen.

The sale of medical data makes it worse. My dad had a stroke a few years ago, and they now get hundreds of calls per week for various scsmmy medical things.

I thought medical data was one of the things we had privacy laws on.

Law are only followed by people who decide to follow them. Scammers typically don’t follow laws, especially when they are rarely enforced.

Of course scammers don't, but where did they get the data? That's who needs to be sued.

The problem there is data is fungible. Did it come from a hospital, a doctor, an IT contractor, which of several of those, etc? It could be impossible to tell.

Think again! Things like hospital admissions, prescriptions and other things are available in near real time to many entities.

This is a problem for everyone and not just the elderly. There have been large increased in the number of spam calls each year recently. 2018 is the first year the volume of spam calls surpassed legitimate calls.

> 2018 is the first year the volume of spam calls surpassed legitimate calls

Do you have a source on this?

That seems like an exaggeration. Or at least, maybe they've been hot-listed for some reason. My wife and I are well over 60, and we get at most one or two junk calls per day. Also, we don't answer any calls from unknown numbers (that is, not known to our base unit). If it's legitimate, they'll leave a message.

Edit: How does "hot" become "host"? I have no clue.

Yeah, I think it's definitely not just age. I'm in my early 40s and I now get 15-20 calls a day on my cell phone. Twice that, at least, on my desk phone at work.

That’s a spam call every ten or fifteen minutes at work. Sorry, not believable. You are on the do not call list, right? (I get, maybe, one call a day.)

Well, fortunately I'm not trying to convince you ;-). You can choose to believe it or not, I'm just relating my own absurd experience with spam calls.

At this point I'm ready to throw the towel in on the POTS network and move it all onto the data network. The ILECs have proven unwilling to address the problem and now their network has turned to crap. On my cell phone I can deal with it by whitelisting, but my desk phone is not so advanced.

You can buy call-blocking devices for POTS lines.

Have they been scammed before? Or been made as good marks?

I've got an elderly relative who fell into something that I swear followed a lead generation funnel. Accepted some semi-legitimate domestic computer services help (optimize your PC and scan for spyware by some company from Utah), only to have the full hammer come down a few weeks later with a follow up from an Indian call center that commandeered her PC, made fake deposits to her bank account, turned on her camera and showed he could see everything, and insisted she purchase $500 in iTunes cards to pay for the malware removal. After wising up, the same center called her multiple times daily for more than a year from various spoofed numbers.

If they're getting calls every 30 minutes, it's likely they've become a qualified lead in some way, by something they've done.

That happened to my wife a couple years ago :(

But she was smart enough to hang up, shutdown the box, and wait for me to wake up. So I booted with a Debian LiveCD, grabbed all her data, and replaced the SSD. The old one is now a RAID member in one of my play boxes.

Since no one else seems to want to deal with it, is there a potential for "vigilante justice" here? Have one of those air horns people use at sport events or other obnoxious audible device. Get a call, give em an earful. Might be enough to get off a list somewhere.

Doubtful. I'm pretty sure the phone speaker isn't even capable of producing the frequency or volume necessary to do any real damage, you'd mostly just be hurting everyone in earshot.

Now if you had suggested that vigilantes actually get off their asses and find these people and do horrible things to them, you might have something. Of course, as cathartic as it sounds, vigilantism is generally frowned upon for good reason.

15 years back i once tracked down a "boiler room" operation that was annoying me with incrementing dialer calls. I visited a little vigilante justice on them (smoking drugs in front of the webcam, heheh, heck it turned out everyone there was a meth user, local drug task force made an easy bust). They switched to an offshore call center site a few weeks later. Seems the dialer was selling the calls and there was no shortage of bidders. It's a pervasive and endemic corruption and there's no end to it. It's a cockroach-scale problem.

>The FCC and phone carriers have proven for decades that they don't give a single shit.

Imagine if good governance meant anything in today's political climate.

Is there any reason to not encourage them to use a cellphone configured to only accept calls from a whitelist of numbers?

Sure, many people want to leave the door open for distant relatives/friends to phone them if needed.

My parents are immigrants and would about once a year get a phone call from some person I had never heard of from back home, usually when a friend of the family died back in the motherland.

Your proposal would prevent such calls from succeeding.

My parents solved this problem with WhatsApp. Everyone contacts everyone via WhatsApp. Somehow there’s no spam calling on WhatsApp.

how is a distant relative going to find anyone's cellphone number? That makes absolute no sense, since cellphone numbers aren't posted in a public directory that distant relatives might honestly peruse.

It’s a small world—you can find most people just by walking your social network.

“Hey, do you Carol’s number? I want to let her know about Aunt Bertha’s funeral.”

“No, but my sister goes to yoga with her daughter. Let me put you in touch.”

I'm talking about elderly people, from the era of land-lines and phone books. They want to be maximally reachable at the numbers dispersed long ago. They're often very lonely and it only gets worse as all their peers fade away, the last thing they want is to obstruct any potential genuine contact.

To suggest they setup a whitelists where only their active set of connections may reach them demonstrates a profound lack of understanding and empathy for the elderly.

Furthermore, it's important to keep in mind elderly immigrants are usually even more stuck in the past, having grown up in nations lagging in most ways behind the USA. When I visit where my parents came from, it's like visiting a museum.

How they get the numbers is obvious, I don't think you've made any attempt to think about this. They tap into the friends network, people search through their phone books and give out numbers. It's how things used to be.

> To suggest they setup a whitelists where only their active set of connections may reach them demonstrates a profound lack of understanding and empathy for the elderly.

Maybe you let everything go to voicemail. Or if they're too far gone for that, you route it to your voicemail. And just pass along what's legitimate.

Yes, because of legitimate calls that are, indeed, important. Doctors and specialists and hospitals for starters. Your elderly spouse slip and fall while at the grocery store yet has a card with your phone number on it calls you. A friend who has had a landline gets a cell phone as well and calls. A hairdresser or other such place confirming an appointment.

The list of these scenarios goes on. They are greatly outnumbered by the scam calls, but aren't few enough not to be an issue - especially the ones with doctor's and so on.

Google's spam number service on android is rather good, but not enough...

What happened to the Do-Not-Call list? Is that dead or just not enforced?

Lamentably only honest brokers follow it. Non-profits don't have to I think, and scammers just ignore it. Caller ID is more than useless as it always seems spoofed.

We've lost control of our telephone network.

Caller ID can be useful for letting every number you don't recognize go to voicemail.

Yes, that is for sure the way to go.

Enforcement of the Do-Not-Call list seems rather sparse.

"To date, the Commission has brought 134 enforcement actions against companies and telemarketers for Do Not Call, abandoned call, robocall and Registry violations. To date, 121 of these FTC enforcement actions have been resolved, and in those cases the agency has recovered over $50 million in civil penalties and $71 million in redress or disgorgement."


Get a new phone number. Your parents sound like they're on a list.

My father lost $10K from a phone scammer. The scammer dug up personal details from various public records and weaved it into a plausible scenario. Dad thought he was saving his nephew from being framed for drunk driving by a crooked small-town cop. They even got nephew's voice impression correct, or at least good-enough. His mental facilities for judgement & scrutiny were waning.

It appears they dug up minor details on various elderly and cold-call bunches of them. If a call receiver shows curiosity, they hang up, collect more personal details, and call back days later with a more complete scenario. Thus, I don't think they actually practiced voice impressions, but use shere mass fishing/phishing to see who bites, and then focus on the biters. They leverage coincidence via mass trials.

Hey, tabtab. I have a friend at a national news organization working on a story about robocalls and looking to interview people who've been affected by them. Your story is shocking. Do you have an email address I could pass to him?

Unfortunately, my dad's mental state and eyes have degraded so much that he cannot use email anymore. Is a phone interview okay? I can ask him if he wants to talk about it. He had been too embarrassed to talk about it before, but time may have changed that.

It is indeed a crazy story. The scammers told him if he went to police or tried to contact the direct family of the nephew, it would blow the entire cover of the fix-by-bribery get-out-of-jail method. He was instructed to go to Target to buy gift cards. Later, Target was uncooperative in providing details, such as security camera coverage of those cashing in the gift cards on the other "side". The cards are numbered such that I'm sure they have logs and/or accounting records of when and where they were cashed in. They could have used that to narrow down which security camera footage to review. Maybe investigating Target gift-card scams is an avenue for you. Target confessed is had happened to others.

I'm sorry to hear that.

I don't want to speak for my friend, but I would assume a phone call would be fine. Do you have an email in which he could contact you?

T-Mobile sometimes sends me a caller ID of "SCAM CALL". Got that for the "This is the IRS" scammer.

Useful trick: don't answer by saying "Hello". Predictive dialers listen for that to distinguish humans from answering machines and voicemail. If they don't hear "Hello", they hang up quickly.

If you answer and stay silent, all of these calls hang up at 11 seconds without fail.

I'm curious what happens after 11 seconds?


The IRS doesn't call you from Pakistan.

The IRS doesn't initiate calls, period.

Nor request you pay in iTunes gift cards.

Google play cards is another favorite. I always wonder what the cash out plan for that is. Do they have an app they've published where they can use the card of in-app purchases? Are those cards valid for device purchases so they can extract the money that way?

I've always assumed perhaps they just resell the numbers at some discount.

Unless you're hiding there with your unreported income...

So, I was scammed?

If you answered a phone call from someone claiming to be from the IRS, and sent money to them, then yes, you were scammed.

IRS agents will sometimes go to people's houses to carry out collection actions, but it's all done in person; they don't make outbound phone calls.

I would suggest reporting all details of what happened to you to the police.

My mom is not even elderly and already falls for a bunch of crap. It wouldn’t matter if I educated her on this subject 10 times, she’d fall for the first scam right after the conversation. Some people are just so gullible that they can’t be helped. I know the HN audience here would like to find a quick fix such as phones that only allow calls from certain people or let elder answer only identifiable ring tones from family, but none of these would help people like my mom. I think the only effective solution would be swift enforcement, monitoring and severe prison time, readily enforced without mercy. Criminals need to get in in their head that if this is behavior they want to engage in, they will pay with their life.

It's probably a good time to get a POA and have $500+ purchases go through you, etc.

This isn't a solution but a suggestion to help. Tracking down scammers is much harder.

most of these scammers are outside of the reach of us law enforcement, or pseudonymous

Usually they still have someone that picks up the money. I.e. a "friend" of the supposed nephew that is calling for help.

> Usually they still have someone that picks up the money

Yeah, somewhere in $foreign_country...

No, I meant where the elderly person lives. Those scams usually don't run over WesternUnion or so.

Those "mules" are themselves victims of another scam

While educating the elderly can help in the short term, I feel like this shows structural problems such as personal data protection and phone carriers' unwillingness to fix these sort of issues.

I'm not saying phone fraud is non-existing in my home country of Belgium, but I've never received a single scam call, nor do I know of anyone who did, so the size of the issue in the US is surprising to me.

I do remember getting a lot more spam calls while living in Spain for a while, so it seems very linked to countries' law enforcement and carrier cooperation.

Our house phone has a built in option to only ring if the incoming number is on a white list. Our number had formerly belonged to someone who owed many debts. We've had it in place for 4 years and nothing bad has happened because of it. Not that I've noticed anyway.

I would pay a decent sum of money to configure my iPhone to only accept an easily maintained whitelist of phone numbers... (I know you can hack something together with DND etc, but it's a PITA)

One defender you may find useful. At least, the recordings are very entertaining:

The Jolly Roger Telephone Company


Well, maybe since more than 5 years ago, I have read thousands of reports, warnings, and complaints filed by people about scam calls on the internet and TV, like social media, sites like http://whycall.me, etc. It's sad to know that there are still many people fall victim to these fraudsters now. We need to keep informing people about these scams, especially our family, so that they won't become one of the victims.

I had to fend off calls like this a lot when living with my mom. I estimate most calls made are scams. It is sad the government doesn't care about quality in communications.

It's a byproduct of one very important regulation. Phone companies are required to connect calls they receive, ie they can't block calls coming into their network from other exchanges. This is a pretty important anti-monopoly rule because it prevents big companies like AT&T from freezing out small competitors like the early VOIP players or from trying to squeeze out each other by degrading service for calls not originating in their network. An unfortunate side effect is they are somewhat limited in their ability to block or filter calls and to enforce caller ID. All it takes is one cooperative operator for a spammer to bypass any protections put in place among the large carriers.

There was a neat reply all episode about someone abusing this connection requirement to make money just by sending out calls to 1-800 numbers, keeping people on the line and getting a cut from the originating exchange.


A phone number rating system could be developed where if they get negged enough the number just comes in as "spam call" instead of the next town near you.

That already exists for Android but it only fixes those not doing CID spoofing. I get a lot of calls marked as spam but it won't and hasn't fixed the problem of spoofed caller ID numbers though which are those calls that match the first 6 digits of your phone number. Those they just constantly rotate and change to match the number they're calling at the moment. I've had a few people call me and even my work desk number after some cid spoofer has used those numbers.

In Fiji we have a Financial Intelligence Unit (FIU). Banks, money transfer companies (think Western Union, MoneyGram, etc), and other financial service providers are required to report suspicious transactions to the FIU.

Short of handing a scammer a bag of cash, there's no way to transfer/receive money anonymously.

While a scammer can do damage, any significant amount would trigger an investigation and be blocked.

It sounds like the US is still the wild west when it comes to this sort of financial shenanigan.

I'm sorry to say this but my faith in this species is quite limited at this point. The nature of this species seems to be extremely primitive. How can we be so collectively intelligent yet such behavior is so pervasive and widespread?

I think a large proportion of the elderly need to be under some degree of supervision, especially in their interactions with the outside world. Ideally their relatives would assume the role of guardians, and failing that, some organization that specializes in providing this kind of oversight.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact