Gen Z has often been hailed as the most tech-savvy generation in history. But new research from Kaspersky suggests that their hyper-connected, gig-driven lifestyle may also be making them one of the most vulnerable.
In a report released this week, Kaspersky warns that "polyworking"—a growing trend among Gen Z workers juggling multiple part-time jobs, freelance gigs, or side hustles—is creating an unprecedented cybersecurity challenge. With a widened digital footprint, these digital natives are increasingly becoming the target of highly-tailored cyberattacks.
"People often assume older generations are the most vulnerable online," said David Matalon, CEO at Venn. "However, Gen Z is facing a different kind of cybersecurity threat. Not because they're less tech-savvy, but because they're more digitally exposed."
According to Kaspersky, nearly half of Gen Z workers identify as polyworkers, blending personal and professional use across multiple devices and platforms. Unlike previous generations that used company-issued laptops on secure corporate networks, many Gen Z workers are managing clients via WhatsApp, hopping between Zoom calls and freelance portals, and using a single device for work, play, and everything in between.
This fluid digital lifestyle makes them ideal targets for attackers. Between mid-2024 and mid-2025, Kaspersky observed more than six million phishing attempts leveraging fake collaboration tools like Zoom, Outlook, and Excel. These scams often arrive disguised as fake software updates or meeting invites, seamlessly slipping into Gen Z's fast-moving workflows.
"They're juggling multiple gigs, often working remotely, and doing it all from personal devices," Matalon said. "That lifestyle creates a massive attack surface."
"Gen Zers were practically born with iPads in their hands and an inherent trust that popular platforms and devices are safe," said Anne Cutler, Cybersecurity Evangelist at Keeper Security. "Attackers know this and are tailoring phishing campaigns to mimic platforms that younger employees use every day."
This blend of work and personal life on the same device doesn't just put individuals at risk—it threatens entire organizations. One phishing email or malicious file downloaded during a freelance project could grant attackers access to sensitive employer systems, introduce shadow IT, or expose confidential client data.
"What sets Gen Z apart is how fast they move and how much they juggle," said Chad Cragle, CISO at Deepwatch. "They frequently switch between jobs or side gigs, using a mix of personal and professional apps. Their behaviors often put them at greater risk."
The risks go beyond phishing. Cragle points to habits like installing unvetted productivity apps, managing dozens of logins without a password manager, and using unsecured networks as compounding vulnerabilities.
"These aren't just generic phishing emails; they're designed to look like real project assignments or requests from managers," Cragle noted. "The result is a cybersecurity threat that's harder to detect and more damaging when it succeeds."
Kaspersky and industry experts agree that legacy approaches—like deploying corporate laptops or relying solely on VPNs—aren't sufficient. Security solutions must evolve to meet the flexibility and speed of modern remote work.
"The challenge isn't about locking people down," said Matalon. "It's about enabling remote workers, especially Gen Z professionals, to use their own devices securely, without turning them into a liability."
Cutler added that password reuse is one of the most common but dangerous habits among younger users. She recommends implementing zero-trust security models and enforcing the use of secure password managers across both personal and professional accounts.
One thing all experts agree on: cybersecurity training must change if it hopes to resonate with Gen Z.
"Traditional training modules and lengthy policies won't resonate with them," said Cragle. "Cybersecurity awareness should be introduced early, in high school, reinforced in college, and remain relevant in the workplace."
Keeper Security is already investing in this future. Through its Flex Your Cyber initiative—backed by partners like the National Cybersecurity Alliance and CYBER.org—the company is offering interactive, age-appropriate resources like games, videos, and lesson plans designed to instill strong cyber hygiene habits from an early age.
"The earlier we start cybersecurity education, the better," said Cutler. "But it needs to be engaging, age-appropriate, and actionable."
Kaspersky's report and the voices of cybersecurity leaders paint a clear picture: while Gen Z may be the most digitally fluent generation, that fluency comes with hidden risks. Their fast-paced, flexible work style is changing the game—not just for themselves, but for every organization they interact with.
Addressing this growing threat will require a shift in mindset, from compliance-focused security to culture-driven, user-first solutions. If security leaders can meet Gen Z where they are—on their devices, in their apps, and in their rhythms—then cybersecurity can evolve into something more than a barrier; it can become a competitive advantage.
Follow SecureWorld News for more stories related to cybersecurity.