Generation Z falls for more scams than their grandparents.
Worldwide, scamming has increased to levels not reached ever before. With organised agents and actors preying on the unaware, many would have assumed generation X to be the most susceptible to targeted attacks. However, a new survey by Deloitte suggests that Generation Z (those born between the late 1990s and early 2010s) was uniquely victimised.
The survey pointed out that compared to older generations, the younger, online generation is still more susceptible to phishing, identity theft, romance scams and cyber bullying.
Generation Z were three times more likely to be caught up in online scams (16 percent: Gen Z vs 5 percent Gen X). They were twice as likely to get their social media accounts hacked. They were also more likely to get their location information misused.
The cost of falling for those scams may also be surging for younger people. Social Catfish’s 2023 report on online scams found that victims under 20 years old lost an estimated $8.2 million in 2017.
This news is especially surprising as it relegates a generation that is expected to be digitally native and savvy.
Another study comparing the youngest generation to their closest counterparts (millennials) also found unexpected results. While Gen Z had a high awareness of online security, they fared worse than millennials in actually implementing many cybersecurity best practices in their own lives.
Why are Gen Z the worst in protecting themselves from scams?
Both studies attempt to explain the situation using three reasons.
First and importantly, the sheer volume of online presence as well as the usage of different online platforms naturally exposes this generation to more risk. Usage of media compared to other generations surveyed is significantly higher.
Second, the studies hypothesise that there is little practical cybersecurity education for younger individuals. The ones that exist seem to be too cautious and not match the lived experience of the users online.
Third, coupled with volume of interaction, there is a degree of apathy common in this generation that has come with increased familiarity with using the internet. This apathy has resulted in many choosing convenience over safety.
“I think Gen Z is thinking about it. We have to live with these threats every day,” says Kyla Guru to Vox, who founded a cybersecurity education organisation as a teenager. When she teaches classrooms of students about email safety or phishing or social engineering, she said, there’s often an instant recognition. “They’ll be like, ‘Oh my God, I remember getting something really similar.’ Or, ‘I’ve seen a ton of these kinds of spammers in my Instagram DMs.’”
Scammers are aware too
There is an up and coming type of attacks that tailor to younger generations. These platforms are becoming increasingly common in the online shopping world. Many fraudulent websites have popped off recently that tailor to a younger taste. And, most of this traffic usually starts on social media platforms from which the victims will be taken to a phishing website.
This is not to mention the rabbit hole of social media scamming that starts with impersonations.
Convenience vs security
Apart from increased cyber security education campaigns, the onus of scams also fails on the application designs and additional measures.
Instagram, TikTok and Snapchat are extremely convenient by design. From verification to login in, everything is easy to execute. However, if Instagram made users log out every time the app closed and re-log in with two-factor authentication in order to reopen it, then Instagram would probably be more secure to use. It would also be extremely frustrating for many users.
Older generations might be a little more accepting of this friction. But for those who grew up with social media as an important part of their self-expression, this level of security could simply be too cumbersome.
So apart from carefully looking over email and web addresses, there are more convenient measures that could be taken.
Staying safe online could involve switching browsers, enabling different settings in the apps you use, or changing how you store passwords.
Developers and media companies could also do more to keep people safe. Privacy settings should also be easier to access and understand. Applications could screen their own domains. And, they could also send out test scams to keep everyone vigilant.