Be sure to set them up under non-admin user accounts AND get 2 gmail email accounts for each or both to do every day surfing, emailing. 1 gmail account to use for family, the 2nd to use to sign up on the sites they want to ‘join’
CAVEATS: make sure the block popup setting is on for safari. make sure the firewall is on / advanced options > stealth. Get clamXAV and set it up in the admin account, set up regular scans and updates.
AND You have to train them to come up with/use a standard Pseudonym, alternate birthdates (like their favorite celebrity or something), alternate addresses (or use PO boxes), standard passwords for those sites > create a note file and put the info in there, keep it on the desktop.
and make sure they know never to give out ANY personal information and NEVER click on links in an email or a site they don’t personally know (like the nytimes.com or AARP.org) They’ll be asked for that sign-up/log-in stuff for almost all news sites, online forums/communities, so it’s better to have a PLAN ahead of time.
AARP has some good resources / online communities. the FBI site has good info on indentity theft. It IS the wild wild west out there—so It’s better for seniors from my experience to just have a flat-out rule NOT to do any buying/credit card purchases online unless you’re sitting right there with them. Under no circumstances should they ever ever ever use a debit card or checking account to make purchases online—these are not covered by the same protections as credit cards.
If they do all their trial and error/learn by doing under user non-admin accounts (it will occur without tinkering with the admin settings/root/etc) and they’re unlikely to do anything that can’t be reversed—as long as they don’t give out any of their personal info/etc. They can’t give out info in the online forums or chat rooms—you have to help them be paranoid and on high alert in that regard.
Also, by not using the admin/root account, less likely that they will download or click anything that gets to root access of the system… and believe me they will download and click stuff that will try to do evil on their systems, but luckily they’re in safer territory than windows users, but it’s not 100% safe.
and then, let ‘em just go at it—trial and error, hands on is the best way to learn. and to get past the fear (but always keeping in mind the caveats and that nothing is 100% safe.)