How to protect aging parents from online scams without overwhelming them
A practical guide for adult children who want to reduce scam risk for aging parents without treating them like children or burying them in security advice.
Read articlePersonal Security
A calm recovery checklist for families after a tech-support scammer, fake Microsoft popup, or bank impersonator got remote access to a parent's computer.
If a scammer got remote access to your parent's computer, act in this order: disconnect the device from the internet, stop contact with the scammer, change important passwords from a different clean device, contact financial institutions if anything sensitive was exposed, remove remote-access tools, and document what happened.
Do not start with blame. You need facts, access control, and money protection first.
Microsoft says it will not proactively contact people to provide unsolicited technical support, and its guidance warns that real Microsoft warnings do not include a phone number to call. The FBI also warns that tech-support scammers use popups, calls, texts, ads, and websites to push victims into remote access and payment.
Sources: Microsoft support scam guidance, FBI tech support scams
This is the cleanup checklist for the moment after access was granted.
If the scammer is still connected, disconnect the computer from the internet:
Do not keep debating with the caller. Do not let them "finish fixing it." Do not type anything else while they can see the screen.
Hang up. Stop replying to texts or chats. Do not call back.
If they call again, do not explain. The explanation gives them another chance to pressure the family.
Before memory blurs, write:
This helps the bank, law enforcement, and whoever cleans the computer.
Use a different device you trust. Do not change passwords from the computer the scammer controlled.
Email is the recovery key for everything else.
Change the password for the primary email account. Turn on MFA if it is not already on. Check recovery phone numbers, backup email addresses, forwarding rules, and suspicious app access.
If the scammer watched the parent log into email, assume the password is exposed.
Prioritize:
Change reused passwords anywhere they were used. Reuse is how one exposed password becomes many accounts.
CISA's home security guidance emphasizes strong passwords, MFA, recognizing phishing, and updates. In this situation, MFA is especially important because the scammer may already know or have seen passwords.
Source: CISA: Secure Yourself and Your Family
Call the bank or card issuer using a number from the card, statement, or official app. Do not use any number the scammer provided.
Tell them:
"A tech-support scammer had remote access to the computer. Banking or payment information may have been visible. I need help protecting the account."
Ask about:
If money moved, time matters. The FTC's scam guidance advises contacting the company used to send money and asking whether it can be reversed.
Source: FTC: What To Do If You Were Scammed
Common remote tools used in scams can include legitimate products. The tool is not always malicious by itself. The problem is that the scammer used it.
Look for recently installed software such as:
Uninstall anything that was installed for the session. If you are not sure what belongs, get help before deleting randomly.
Then run trusted security scans. Use security software already known to the family or a reputable built-in tool. Do not download a "cleaner" from a link someone sends after the scam.
Not every remote-access scam requires a full wipe, but some do.
Consider a rebuild if:
For a personal machine, a careful cleanup may be enough. For a business machine or a device tied to regulated data, preserve evidence and get professional help before wiping.
After one scam, the family may get more calls.
The follow-up pitch may sound like:
The FBI warns that scammers may share victim information and attempt additional fraud. Treat every follow-up contact as suspicious until verified through a known path.
Source: FBI tech support scams
Reporting does two things: it creates a record and helps agencies track patterns.
Use:
If money moved, also call the financial institution immediately.
This part matters more than families think.
Do not lead with "How could you fall for that?" Lead with:
"I'm glad you told me. Let's protect the accounts first."
Shame delays reporting. Delayed reporting increases loss.
Ask neutral questions:
You are building a timeline, not prosecuting a family member.
After cleanup, put three controls in place:
The family fraud fire drill gives the pre-incident plan. The live article on tech-support scams explains how the fake Microsoft popup works.
Obsidian Ridge helps families clean up after scams and reduce the chance of a repeat: secure the email, harden key accounts, check devices, simplify passwords, and create a clear escalation path.
If the household needs direct help, start with individuals and families. If the affected device belongs to a business, use the briefing form because the evidence and liability questions are different.
Disconnect the computer from the internet, stop talking to the scammer, and change important passwords from a different clean device, starting with email and banking.
Sometimes. If the scammer had admin access, changed settings, downloaded files, or the device handles sensitive business or regulated data, a rebuild may be safer. For serious incidents, preserve evidence before wiping.
Start with email, then banking, Apple or Google, Microsoft, password manager, shopping, health portals, and any account using the same password.
Yes if banking, card, investment, payment-app, or identity information may have been visible or shared. Call using a known number, not one from the scammer.
Antivirus can help find some malware, but the main risk is access and account exposure. Password changes, MFA, bank contact, remote-tool removal, and monitoring matter just as much.
Last updated
July 17, 2026. We refresh this content as the threat landscape and tools evolve.
FAQ
Disconnect the computer from the internet, end the remote session, do not keep talking to the scammer, and change important passwords from a different clean device, starting with email and financial accounts.
If the scam is still active, disconnect from the internet first. Powering off may be reasonable for a family cleanup, but if there is a serious business, legal, or financial investigation, preserve evidence and get professional help before wiping anything.
Change the primary email password first, then banking, Apple or Google, Microsoft, password manager, shopping accounts, health portals, and any account where the same password was reused.
Yes if payment information, banking access, identity documents, or financial accounts were visible or shared. Tell the bank it was a tech-support or remote-access scam and ask what monitoring, card replacement, or account protections they recommend.
Sometimes, but not as the first reflex. Start by disconnecting, preserving what happened, changing passwords from a clean device, removing remote-access tools, scanning, and deciding whether a rebuild is safer based on what access the scammer had.
Related reading
A practical guide for adult children who want to reduce scam risk for aging parents without treating them like children or burying them in security advice.
Read articleA practical step-by-step guide to freezing credit for adults, kids, and aging parents, with what a freeze actually blocks, what it does not, and how to lift it when you need new credit.
Read articleA plain-English guide to the scam types hitting older adults hardest in 2026, ranked by the patterns families should recognize first and the one response rule that prevents many losses.
Read article