Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think

12 Aug 2025
 • 
,
5 min. read

It’s International Youth Day on August 12, a moment to celebrate the contribution of young people to society. A big part of this contribution is digital, according to the United Nations, which also notes that “young people are leading the charge in digital adoption and innovation”.

Yet despite their catchy moniker, digital natives are not necessarily impervious to online threats. Quite the reverse, in fact. Research reveals that they are potentially more exposed to risk, and more blasé about the impact this can have on their lives. That’s a worrying combination. Here’s what young people can do to stay safe and how their parents can help.

The paradox of digital natives

A particular set of circumstances makes younger generations potentially more exposed to cyber risk. First, they are more likely to be online than their older counterparts, according to a detailed study from the National Cybersecurity Alliance. Gen Z (65%) along with Millennials (64%) are far more likely to report that they’re always connected. And Gen Z (38%) and Millennials (36%) are more likely than the Silent Generation (23%) to have over 10 online accounts. More accounts means more exposure to cyberthreats.

Yet at the same time, there are signs that Gen Z in particular has relatively poor digital hygiene. The same report claims that:

• 46% of Gen Z admit to sharing sensitive work information with AI without their employer’s knowledge, versus 38% of all respondents in work,
• Just 58% of Gen Z use unique passwords for each account all or most of the time, versus 71% of Baby Boomers,
• Just 56% of Gen Z use multifactor authentication (MFA), versus 71% of Boomers and 70% of Gen X,
• Only 44% of Gen Z install updates when notified “always” or “very often,”
• 68% of Gen Z claim to “prioritize” online security, versus much higher numbers of Silent Gen (91%) and Baby Boomers (89%).

The figures chime with separate research from HP, which finds that younger people are less inclined to follow corporate security policies. Almost half of 18-24 year-olds say security tools are a hindrance, and nearly a third (31%) claim to have tried to bypass policies to get their work done.

Youngsters in the firing line

All of which may explain why the National Cybersecurity Alliance reports that younger people are more likely to fall for phishing and online dating scams, versus, say, Gen X and Boomers. Similarly, Gen Z and Millennials are more likely to lose money or data to online scams than Boomers and Silent Generation.

Whether it’s down to impatience, naivety, overconfidence or other factors, young people are potentially more likely to put themselves in positions of danger. According to the UK’s National Crime Agency (NCA), 60% of money mules are under the age of 30. Older members of society may be more risk-aware, and wealthy enough not to find such a prospect attractive.

What are the biggest online threats facing young people?

To an extent, the cyberthreats facing youngsters online are not dissimilar to those their parents may face. But there are potential psychological, emotional and practical reasons why the following may be more acute:

• Sextortion: This could include victims being tricked into sending explicit images/videos and then blackmailed into sending more, or money. Or it could involve the use of AI nudifying tools that create similar images, which can then be used as leverage for extortion. (Another threat is sextortion scams, where cybercriminals send emails claiming to have installed malware on the victim’s computer that allegedly enabled them to record the individual watching porn.)
• Account takeover: Social media, gaming and other accounts are at risk from hijacking by brute-force attacks, especially if victims don’t use strong, unique passwords and MFA.
• Online scams: Social media ads and messages are a growing conduit for investment scams and other too-good-to-be true offers designed to harvest victims’ personal information and trick them into sending cash and crypto. Sometimes using deepfake celebrity ‘endorsements’ or hacked accounts, these scams create a sense of urgency and excitement which appeal to a fear of missing out (FOMO). Phishing emails and texts are also common vectors for such threats.
• Malicious downloads: Apps, games and pirated content are often booby-trapped with malware designed to steal info/passwords, eavesdrop on conversations, flood devices with adware, and more. Budget-conscious youngsters may be more inclined to look for such content on third-party app stores, forums and other sites.

Some tips to stay safe

The same best practices apply to youngsters as they do to any internet user. To mitigate the above and other risks, consider the following:

• Always stick to official app stores, and never download pirated content. That should reduce the likelihood of unwittingly installing anything malicious.
• Check the reviews and developer reputation before downloading any new app, in case it has been associated with scams or cyber threats in the past.
• Keep the operating system and other software up to date, on all PCs and mobile devices. This will ensure they’re on the latest, most secure version.
• Deploy security software from a trusted provider to all PCs and devices. This will help to keep malware off the machine/device and prevent malicious downloads.
• Be on the lookout for phishing. Never click links or open attachments from unsolicited messages. If you need to, check directly with the sender if a message is legitimate or not (but not by replying to the message or calling a number on it). Hover over the sender domain to see if it matches the brand sending you a message.
• Beware of social media scams. Never click on ads you see online, and be aware of the threat from deepfake ‘endorsements’. Even messages coming from friends can’t be trusted as their account may have been hacked.
• Revisit your social media accounting settings to enhance privacy. Oversharing can provide threat actors with information to target you with convincing phishing attacks, or even enable them to guess security clues and hack your account. And it can expose content that’s subsequently used to train deepfake/nudifying tools.
• Remember: if something’s too good to be true, it usually is.

Digital natives may be instinctively comfortable interacting with connected technologies. But they can also be over-trusting, impulsive and impatient online. The key to changing behaviors among this cohort is not to lecture, but to share knowledge, and communicate risk with empathy and understanding. Good luck.