Key facts
- Scammers target retirees during a six-week summer window from Memorial Day to the Fourth of July.
- Fake rental scams are posted on platforms like Airbnb, Vrbo, and Facebook Marketplace.
- The FTC reported $274 million in losses from travel, vacation, and timeshare fraud in 2024.
- Grandparent scams, a type of impersonation scam, are researched using data from social media and genealogy sites.
- Public Wi-Fi networks in tourist areas are exploited for "evil twin" attacks to steal login credentials.
- Older fraud victims, particularly those aged 70-79 and 80+, report higher median losses.
Scammers are exploiting a six-week period between Memorial Day weekend and the Fourth of July to target retirees, a time when these individuals are often more vulnerable due to vacationing, using public Wi-Fi, and being away from home. This "summer fraud window" provides scammers with a playbook of tactics, including fake rental listings, grandparent scams, and public Wi-Fi traps.
Fake rental listings are often posted on platforms like Airbnb, Vrbo, and Facebook Marketplace, priced below market value with convincing photos and reviews. Victims are prompted to pay outside the platform via wire transfer, Zelle, or gift cards, only to find the rental does not exist or is already occupied. The FTC reported $274 million in consumer losses from travel, vacation, and timeshare fraud in 2024, with older victims experiencing higher median losses.
Grandparent scams, a subset of impersonation scams, spike during the summer when children are out of school, making it harder for grandparents to verify their grandchildren's whereabouts. Scammers research potential victims' grandchildren's names and potential travel plans through data broker sites and social media. Impersonation scams, including grandparent scams, resulted in nearly $3 billion in losses in 2024, disproportionately affecting victims aged 60 and over.
Public Wi-Fi networks in tourist-heavy areas pose another risk, with scammers setting up "evil twin" networks to steal login credentials, email access, and banking information. This is particularly dangerous when retirees are away from home and may be more frequently accessing sensitive accounts. Scammers collect personal data throughout the summer to profile victims for future attacks.