Listed below are resources to understand and report elder abuse, fight scams and fraud, protect your personal information, and check the facts! Developed in support of World Elder Abuse Awareness Day, this Toolkit was published June 2021 and updated June 2022.

Scams and Fraud

To receive confidential assistance if you suspect or are experiencing elder abuse:

  • New York State Domestic Violence Hotline
    • English: 1-800-942-6906
    • English TTY: 1-800-818-0656
    • Spanish: 1-800-942-6908
    • Spanish TTY: 1-800-780-7660
  • Pace Women’s Justice Center
    • Legal Helpline: 914-287-0739
    • Walk in Clinic:   914-422-4188
    • Family Court Legal Program: 914-995-7400  (White Plains)
    • Family Court Legal Program: 914-231-2886  (Yonkers)
  • Westchester District Attorney’s Office — Elder Abuse Unit 
    • (914) 994-1940   

Start with the Federal Trade Commission (FTC) 

New York Attorney General’s Office 

Senior Medicare Patrol / Senior Action Council 

There are a number of walk-in locations that serve those who:

  • do not have a lawyer and cannot afford to hire one,
  • seek a safe, private location to access Court Help Resources,
  • who needs to access Do-It-Yourself (DIY) documents,
  • and/or does not have access to computer equipment.

Protect Your Personal Information

Use an anonymous browser or “incognito” feature of your current browser

Browsers that do NOT collect personal information:

Browsers that provide you the option to open a tab from which data is NOT collected:

  • Chrome “Incognito” window – Go to: File | New Incognito Window
  • Safari – Go to: File | New Private Window
  • Microsoft Edge – select the Settings and More icon, and then New InPrivate window.

Don’t use obvious passwords (which doesn’t mean they are ones you’ll never remember); consider a passphrase. Go to

Use Two-factor authentication to further secure your passwords. It’s an extra step that is worth it for your most important data (like your password keeper!)

Never share personal information over the phone with someone you don’t know. Are they calling from a bank?  Find out which branch.  Do a search for the main number, and call back.

See also FTC resource to block unwanted calls

A phishing attack is when you are sent an email that appears to be from an authentic source, but is actually from someone trying to track you and steal personal data or infect your computer or device with malware.  This advice from the National Cybersecurity Alliance makes sense: When in doubt, throw it out.  Even if you know the source, if something looks suspicious, delete it.  As you scan your email, here are five reasons to take a pause before responding.

  1. The email asks you to confirm personal information.  Whether this email matches the style used by your company or that of an external business such as a bank, hackers can go to painstaking lengths to ensure that it imitates the real thing. However, when this authentic-looking email makes requests that you wouldn’t normally expect, it’s often a strong giveaway that it’s not from a trusted source after all. Keep an eye out for emails requesting you to confirm personal information that you would never usually provide, such as banking details or login credentials. Do not reply or click any links and if you think there’s a possibility that the email is not genuine.  First, search online and contact the organization directly  – do not use any communication method provided in the email.
  2. The web and email addresses do not look genuine.  It is often the case that a phishing email will come from an address that appears to be genuine. Criminals aim to trick recipients by including the name of a legitimate company within the structure of email and web addresses. If you only glance at these details they can look very real but if you take a moment to actually examine the email address you may find that it’s a bogus variation intended to appear authentic, e.g., as opposed to  Malicious links can also be concealed with the body of email text, often alongside genuine ones.  Before clicking on links, hover over and inspect each one first.
  3. It’s poorly written. Often you can spot a phishing email simply by the poor language used in the body of the message. Emails from legitimate companies will have been constructed by professional writers and exhaustively checked for spelling, grammar and legality errors. If you have received an unexpected email from a company, and it is riddled with mistakes, this can be a strong indicator it is actually a phish. Delete it.
  4. There’s a suspicious attachment.  Pause if you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected. The attachment could contain a malicious URL or trojan, leading to the installation of a virus or malware on your PC or network. Even if you think an attachment is genuine, it’s good practice to always scan it first using antivirus software.  
  5. The message is designed to make you panic.  It’s common for phishing emails to instill panic in the recipient. The email may claim that your account may have been compromised and the only way to verify it is to enter your login details. Alternatively, the email might state that your account will be closed if you do not act immediately. Ensure that you take the time to really think about whether an email is asking something reasonable of you. If you’re unsure, contact the company through other methods.

Check The Facts

  • – General news, urban legends, hoaxes, folklore
  • (A project of The Annenberg Public Policy Center) – See their Covid Misconceptions page.
  • (Poynter Institute) – See their articles as well as their regular “truth-o-meter”
  • (Center for responsive Politics) – Reports on the influence of money in US Politics

Look for obvious signs of editing: airbrushing (just a little too perfect?), blurry areas, shadows not in the right place.

Shark with human teeth and caption that says There are no Fake Photos Online

Then see if there is actually an older/different source image – easier than you’d think!