The five online habits that reduce scam risk

Australians over 65 are losing more money to scams than any other age group because modern technology has evolved faster than many people have had time to adapt.

Melbourne cybersecurity advocate and Dumb Ways To Get Hacked podcast host Bora Seker says most online safety advice is too vague to be genuinely useful.

“There’s a particular type of advice every Australian over 60 has heard roughly four hundred times: be careful online,” Seker told Starts At 60. “It’s a bit like being told to be careful crossing a freeway. Useful in theory. Less useful when nobody mentions which direction the cars are coming from.”

According to the latest ACCC Targeting Scams Report, Australians lost $2.18 billion to scams in 2025, with Australians aged 65 and over accounting for a disproportionately high percentage of losses.

But Seker says cybersecurity doesn’t need to be overwhelming nor overly technical.

“The pause is the protection. Scammers’ entire business model relies on rushing you,” he says.

The simple habits that dramatically reduce risk

Seker says many of the most effective protections are surprisingly straightforward, and one of the biggest is enabling two-factor authentication — often called 2FA — on important accounts such as email, Facebook and banking apps.

“Your passphrase is the lock on your front door, and two-factor authentication is the security chain,” he explains, “And the extra layer of protection means that even if someone steals your password, they still can’t access your account without a separate security code sent to your device.”

Seker also recommends:

• using passphrases instead of simple passwords
• avoiding links in text messages
• installing device updates promptly
• slowing down before responding to urgent requests online

“If you only do five things this week, make sure you do these,” he says.

Check out Scammers are impersonating your bank: how to protect yourself

Why Facebook oversharing can become a real-world risk

Seker believes social media habits are creating vulnerabilities many Australians don’t fully recognise, and one of the biggest mistakes is announcing holidays in real time.

“Showing off your Bali cocktail or your Tassie cruise in real-time is, unfortunately, also broadcasting that your house is empty. “So it really is best to post the photos after you get home,” he says.

He also warns against seemingly harmless Facebook quizzes asking questions such as: your first car, the street you grew up on, and your mother’s maiden name.

“If those questions sound familiar, it’s because they are. They’re the exact same questions your bank uses to verify your identity,” he says.

Another growing issue is fake friend requests and cloned social media accounts designed to impersonate real people.

Seker says: “If you suddenly get a second friend request from your cousin in Geelong who you already follow, ring her. Scammers clone profiles to slide into your messages and ask for money.”

AI scams are becoming harder to spot

Artificial intelligence is now making scams significantly more sophisticated.

Seker says scammers can clone voices, generate fake photos and create convincing impersonations using surprisingly small amounts of information.

“The voice your grandchild has in every Instagram story they’ve ever posted? That’s the sample,” he says. “They don’t need much. People should be really wary of such things as: extreme urgency, requests for secrecy, unfamiliar bank transfers, gift card payments, and ‘bank’ or ‘fraud’ officers unexpectedly joining calls.

“The two rules that defeat almost all of them are simple,” he explains. “Hang up and call back on a number you already have.”

He also recommends families establish a private code word only close relatives know.

“A scammer can clone the voice, but they can’t clone what’s never been online.”

Protecting treasured family photos and digital memories

Beyond financial scams, Seker says many Australians underestimate the risk of losing irreplaceable digital memories.

“Forty years of family photos, only on one device, behind one password — that’s not a backup. That’s a disaster waiting for a single bad day,” he says.

He recommends what cybersecurity experts call the “3-2-1 rule”:

• three copies of important files
• two different forms of storage
• one copy stored elsewhere

Seker also encourages Australians to: print important family photos; set up legacy contacts on Apple and Google accounts; and ensure trusted family members can access important passwords if needed.

“You don’t have to become a tech expert”

Seker says the goal isn’t to become paranoid about technology — but to develop a handful of habits that quietly reduce risk.

“You don’t have to become a tech expert,” he says.

“You just need a small handful of habits that close the obvious doors.”

For Australians wanting more help, Seker recommends resources including the Australian government-backed Be Connected program and Scamwatch.

Melbourne cybersecurity expert Bora Seker is host of the podcast ‘Dumb Ways to Get Hacked’, which breaks down scams, hacking and online safety in simple, practical language for everyday Australians. The podcast is available on YouTube.