Almost half of Gen Z (48%) has a side hustle, the highest percentage of any other generation. This may leave them at higher risk of cyberattacks. 

Research from Kaspersky reveals how professionals engaged in multiple jobs can be a convenient target for malicious actors, with the predominant issue being the wide range of corporate apps that Gen Z workers must use — the more apps workers use, the more potential exposure points for threat actors to exploit. 

From H2 2024 to H1 2025, the research identified more than 6 million attacks mimicking platforms or content associated with 20 commonly used work tools. The platforms most often impersonated were Zoom, Microsoft Excel and Outlook. 

If companies establish BYOD policies, the risks increase, as the potential exposure points for users include professional apps as well as personal ones. 

Below, security leaders discuss these findings. 

Security Leaders Weigh In

David Matalon, CEO at Venn:

People often assume older generations are the most vulnerable online, however, Gen Z is facing a different kind of cybersecurity threat. Not because they’re less tech-savvy, but because they’re more digitally exposed. They’re juggling multiple gigs, often working remotely, and doing it all from personal devices. That lifestyle creates a massive attack surface.

Unlike previous generations who mostly used company-issued devices on corporate networks, Gen Z is working from coffee shops, managing freelance clients on WhatsApp, and clicking into tens of different apps a day — all from the same laptop they use for YouTube and online shopping. That blending of personal and work life is where the real risk comes in. One phishing email or fake software update doesn’t just put them at risk; it can expose their employer, too.

The challenge isn’t about locking people down. It’s about enabling remote workers, especially remote and hybrid-working Gen Z professionals, to use their own devices securely, without turning them into a liability for every company they work for. That’s where traditional approaches like VPNs or shipping corporate laptops fall short. Gen Z needs security that works the way they do — flexible, remote, and fast-moving.

Anne Cutler, Cybersecurity Evangelist at Keeper Security:

The assumption that older generations are more vulnerable to cyber threats isn’t always accurate. Gen Z is typically highly fluent in digital tools, but that fluency can lead to riskier behaviors — like faster click habits, password reuse and using personal devices for professional work. 

Gen Z’ers were practically born with iPads in their hands and an inherent trust that popular platforms and devices are safe, whereas older generations have more skepticism toward technology. Attackers know this and are tailoring phishing campaigns to mimic platforms that younger employees use every day, including team collaboration tools like Zoom and Outlook. And when you’re working across multiple roles or side gigs, managing dozens of accounts without a secure system in place, a single compromised personal or work credential can create a damaging chain reaction.

It is imperative that all generations use a secure password management tool to generate strong, unique passwords for every account - both in their professional and personal lives. That way, even if one platform is compromised, the rest stay protected, and you don’t have to remember dozens of logins.

The earlier we start cybersecurity education, the better — but it needs to be engaging, age-appropriate and actionable. Recently, Keeper launched Flex Your Cyber, a public service initiative focused on empowering students, parents, teachers and administrators to build strong cybersecurity habits from an early age. With support from the National Cybersecurity Alliance, CYBER.org, KnowBe4 and Atlassian Williams Racing, the program delivers fun, interactive resources — like games, videos and lesson plans — that help families and schools build a foundation of cyber awareness. 

The reality is that password reuse, weak credentials and phishing threats don’t wait until adulthood to present a serious risk. Flex Your Cyber helps close the education gap and makes digital security and safety part of everyday learning.

Chad Cragle, Chief Information Security Officer at Deepwatch:

While it’s often assumed that older generations are more vulnerable to cyber threats, that view overlooks the unique risks facing Gen Z. Yes, older users may be less familiar with evolving digital tools. Still, they also tend to approach unfamiliar technology with more caution. Gen Z, by contrast, grew up in a fully connected world and is highly comfortable with technology, but that comfort doesn’t always translate to cyber-savviness. Their behaviors often put them at greater risk. They’re especially susceptible to highly targeted social engineering attacks that mimic their everyday tools and workflows. Between mid-2024 and mid-2025, over six million attacks involving fake versions of popular collaboration platforms, including Zoom, Outlook, and Excel, were observed. These aren’t just generic phishing emails; they’re designed to look like real project assignments, meeting invites, or requests from managers.

What sets Gen Z apart is how fast they move and how much they juggle. They frequently switch between multiple jobs or side gigs, using a mix of personal and professional apps, and often work from unsecured devices or networks. These behaviors pose significant risks to employers, including shadow IT, unsecured endpoints, residual access from previous roles, and exposure to third-party subcontractors. Their habit of installing unvetted software to solve immediate problems without involving IT or security introduces gaps that are tough to monitor or fix later.

To reach Gen Z, we need to change our approach to education. Traditional training modules and lengthy policies won’t resonate with them. Instead, cybersecurity awareness should be introduced early, in high school, reinforced in college, and remain relevant in the workplace. This means short, practical training scenarios that reflect their experiences and priorities. Show them what happens if they click, how a scam can lead to lost income or reputation, and why protecting their freelance portfolio is just as crucial as safeguarding company data. For this generation, cybersecurity is more than a corporate concern; it’s cultural and personal, requiring education that’s as dynamic as their digital lives.