Research Says Gen Z Is Nearly 3 Times More Vulnerable To Phishing Than Boomers, Here’s Why

A lot of observations and research have come up in the past week during Data Privacy Week. One such observation was that tech-savviness does not guarantee safety online. Yubico’s latest Global State of Authentication Report touches on that, as it found that Gen Z is actually the most likely to experience phishing attacks.

62% of Gen Z respondents even admit that they’ve interacted with a phishing message such as opening links and attachments, or even just responding to suspicious messages, this past year.

On the other hand, the number for Boomers is a lot lower. Only 23% of them report having experienced the same thing.

 

How Exactly Do Individuals Treat Cybersecurity Across Generations?

 

71% of Gen Z use multi-factor authentication (MFA) methods to protect their personal accounts, compared to 51% of Baby Boomers. But this doesn’t make Gen Z safer.

For example, when it comes to AI, we know that many of the tricks and scams used are becoming more sophisticated. In fact, 38% of Gen Z believed an AI-generated message was human-written, compared to 1% of Boomers. This is a concerning number for Gen Z, and it goes to show that being more knowledgeable about technology won’t guarantee immunity from attacks.

Niall McConachie, regional director (UK & Ireland) at Yubico, discusses the generational cyber gap: “Now is the perfect time to debunk the myth that being tech-savvy equates to being cyber resilient and safe online. Our data shows a concerning disconnect: Gen Z is adopting the right tools, like MFA, but their comfort with digital communication makes them a prime target for social engineering and phishing attacks.

“When we look at why people are falling for these scams, the data tells a deeper story: Gen Z are most likely to be tricked because they are ‘in a rush’ or because the message offered a ‘valuable opportunity’ like a job or prize. In contrast, Baby Boomers are rarely tricked by opportunities but are more likely to fall for messages that appear to come from a ‘trusted source.’”

 

 

How Do Workers Treat Cybersecurity?

 

In the workplace, the report found that 4 in 10 employees actually do not get cybersecurity training, and another 44% wait 3-5 months to upgrade their policies.

This means that, amid the rise of all these new threats, almost half of workers do not know how to stay protected, and if they do, they are doing so with outdated strategies.

62% of organisations only use standard username and password combinations to protect accounts. 44% use OTPs that are sent via SMS, which can also be risky.

There seems to be a disconnect between what employees believe will protect them versus what actually will. The research found that 41% of respondents truly believe the SMS OTP method is the most secure. Another 33% believe app OTPs are the most secure. A shocking 26% believe that just passwords are the most secure.

Passkeys on devices were perceived as the most secure by 30% of them, and this is actually the most effective of the methods mentioned above.

Misconceptions like this definitely play a part in the failing company cybersecurity systems. The report says: “Despite these vulnerabilities, 84% of respondents whose companies’ security measures differ based on role still believe their company’s cybersecurity is as secure as it needs to be, showing misplaced confidence as all levels of an organisation need to be treated the same for cybersecurity tools to be effective.”

“The takeaway for 2026 is that no generation is immune, but that the vulnerabilities differ. True privacy and security require a combination of the right habits – scepticism of unexpected messages – and modern, phishing-resistant tools like hardware security keys that protect your personal information even when you do inevitably click on a fraudulent phishing link in emails or text messages,” concluded.