Senior citizens, or the boomer generation, have long been targeted by cybercriminals with phishing scams and fraudulent emails to drain their bank accounts or steal their identities.
Because of their unfamiliarity with technology, many Boomers are easily tricked into clicking suspicious links in texts and emails. They might also venture into trouble while surfing the internet over unsecured public Wi-Fi connections. Many continue to rely on outdated applications and email services like Hotmail, Juno or AOL, using passwords that haven’t been changed in years.
But what about the younger generations? Shouldn’t their near-ubiquitous use of technology prevent them from falling victim to the same threats? Surprisingly, no.
Despite being chronically online, many Gen Z members share the same unhealthy cyber practices as their grandparents—minus, of course, the old email applications. Experts believe Gen Z, born between 1995 and 2012, is now three times more likely than Baby Boomers to fall victim to cybercrime.
Part of the problem comes down to trust. Gen Z and many Millennials trust their platforms and believe someone is looking out for them.
According to a recent Deloitte “Connected Consumer Study”, five out of 10 Gen Zers and Millennials say they trust online services to protect their data, versus just three out of 10 older consumers. Six out of 10 feel the benefits of online services outweigh privacy concerns. However, only four out of 10 older consumers feel the same way.
People trust what they know the most. And Gen Z has known technology all their lives.
This younger generation of technophiles has been raised in a world of SaaS-based applications, starting in the classroom with Office 365 and Google Workspace for the classroom, now used by more than 150 million students and educators.
“The surface area of Gen Z’s digital footprint is much larger because they grew up online and spend more time online than previous generations,” said Milou Lammers Meier, an attorney and consultant specializing in cybersecurity and IT compliance. “They use more apps, have more online accounts, and spend more time online, which makes it easier for cybercriminals to target.
However, their unfounded trust is also shared with a sense of hopelessness that nothing will protect them and their data online. According to an Ernst & Young survey, Gen Z is becoming less confident about their ability to identify phishing attempts. Only 31% feel confident in spotting these threats, a significant drop from 40% in 2022.
Meanwhile, hackers and fraudsters are increasing their efforts to target children online, zeroing in on their clean credit histories and virtual wallets. According to a 2019 estimate by the consumer credit reporting company Experian, one in four youths in the U.S. will experience identity theft or fraud before they reach the age of 18.
These fraudsters know that children with easy access to the internet and smartphone apps seldom understand the dangers online. However, that could also change with early education and training.
Correcting Behaviors at Work
Gen Z vulnerabilities and bad habits formed at an early age are being carried into the workforce, exposing their employers and themselves over company networks.
HR and IT leaders are responding by partnering to teach employees the basics of cybersecurity, such as using multi-factor authentication (MFA), creating and refreshing unique passwords, and keeping software updated.
Many companies are also adding cybersecurity training to their onboarding processes and testing employees throughout their time on the job. New onboarding training can teach employees how to spot and report phishing attempts or avoid unsecured networks while traveling.
“The best way to reach younger workers with this kind of training is to start on day one and continue with refresher courses,” said Holly Mockus, a corporate training expert with Intertek Alchemy. “Cybercriminals are constantly evolving their approaches, so you must keep employees updated and practiced. You can teach them, for example, how to spot a phishing email by first looking at the return address. And make them aware of company policies, like the CEO will never personally email them asking for a favor.”
Starting in the Classroom
Much of this training can start in the classroom too. Just as educators and parents teach kids not to talk to strangers, they can also explain why they shouldn’t so freely share personal information online.
At the very least, every child should know how to keep their information private, refrain from connecting with strangers online and report anything unusual to an adult.
However, for this to happen, teachers must also be aware of the dangers of online teaching. K-12 schools, public and private, can train educators to become cyber literate. The skills they learn during this training can be passed down to students.
“Students should be taught how to protect their accounts online with strong unique passwords and multi-factor authentication and ensure they are pushing regular software updates to their devices,” Lammers said. “They should also be taught how to identify potential social engineering attempts.
Cybersecurity can also be added to a school’s standard curriculum. Cyber.org offers a
national K–12 Cybersecurity Learning Standards program to help educators provide a foundational understanding of cybersecurity, as well as the skills and knowledge needed to pursue a career in cybersecurity.
Early training can instill a sense of cyber awareness that can be carried into the workforce and potentially outnumber, if not create some parity with the ranks of cybercriminals.