6 tips Gen Z need to know about cybersecurity

Hands holding smartphones with speech bubbles
(Image credit: Getty Images)

The tech we use, the sites we visit, the apps we open multiple times a day – they're all getting smarter. Seeing these advances is pretty exciting since a lot of them are meant to make our lives easier, but they also invite new risks into our digital world. After all, data is what makes the web work, and it's personal data in particular that these tech companies are hungry for.

Personal data is anything that can be used to figure out who you are. So, think names, addresses, your date of birth, your IP address, and all sorts of other stuff. It's the info that you should want to be kept under lock and key – so why does Gen Z have a reputation for not really caring?

Gen Z is, as the kids say, "chronically online", so it follows that they have the most info out there to protect. You might think that digital privacy doesn't mean much anymore, or that it's not a big deal, or you simply might not know where to start when it comes to protecting yourself. Keep reading, and I'll run through my top tips for Gen Z online, and why your cybersecurity does matter.

What is Gen Z's attitude towards cybersecurity? 

Okay, first of all – I should say that I'm a Millennial, but this isn't a lecture or a weirdly passive-aggressive hit piece on Gen Z. Good cybersecurity practices should be everyone's priority, regardless of age, after all.

The thing is, because Gen Z was born into a world absolutely saturated with tech, they didn't live through that period of time when everyone was suspicious about the internet. I remember being told that I should never, ever reveal my real name on the web, and went by a pseudonym for ages. Now, when I see folks on TikTok spilling their most personal details (and setting it to music), there's a part of me that thinks wait, is this allowed?

Gen Z are more likely to be involved in online scams

Deloitte

Gen Z uses the internet, and social media apps, different from myself and other older generations. According to Avast, Gen Z access a social media app multiple times a day – but only 23% of "Zoomers" are actually concerned about the passwords being hacked.

The concern should be there, though, because Cybsafe found that Gen Z is more often the victim of phishing attacks – and Deloitte revealed that they’re more likely to get wrapped up in online scams.

The reasons for this lax attitude are understandable, to a degree, because privacy fatigue is very real. It feels like there's a new story about a data breach, hack, or heart-wrenching instance of fraud every hour. And what is Gen Z supposed to do about it when it's just the way the digital world works?

I get it, but there are a few simple things that you can do, right now, to give your digital privacy a boost.

1. Please, please, please use better passwords 

Okay, I know you've seen this advice hundreds of times, but there's a good reason for it. A weak password is the digital equivalent of leaving your front door unlocked or ajar – it's just a bad idea.

It's an especially bad idea for Gen Z, who do a lot of their talking via social media and instant messaging apps, which require you to log in to do your thing. The sheer amount of login details is big business for hackers – who can use pilfered details to cause havoc with your account or sell the data (along with a ton of other people's logins) on the dark web for a small fortune.

Want to check?

If you're unsure whether your details have been included in a data breach, there's an easy (and free) way to make sure. Visit haveibeenpwned.com to check if your info is out there.

If you've signed up for a lot of apps, sites, or other digital services, you may have been involved in a data breach at some point. This means that your login information could be floating around on the dark web waiting to be bought by a hacker – who'll use it to try and crack other accounts with the same password and username combination.

Naturally, you don’t want to make their job easier by using the same password for absolutely everything, so switch it up. Use numbers, symbols, and the weirdest string of words you can think of. Oh, and if you're worried about remembering your new super-secure password, today's best password managers have you covered.

2. Make sure that app is legit

For Gen Z, a lot of the digital world is accessed through their trusty mobile phones – it's handy to have access to the web wherever you go, sure, but it comes with privacy risks.

I can't tell you how many fake apps I've seen since I've been in the cybersecurity world. Fraudsters create them because they've become such an integral part of our day-to-day lives. There's an app for everything, and downloading them is usually pretty easy. Unfortunately, this means you can download a dodgy app without a second thought.

Spotting fake apps can be tricky, too. They're often designed to look just like their legit counterparts. Instead of doing whatever they're supposed to do, however, these fakes can steal your personal information, infect your device with malware, or just ruin your day with ads and pop-ups.

If you're uncertain about an app you've found, here's what to inspect before hitting that download button:

  • Check out the description. The quickest way to see if an app is legit is by reading through the marketing speak on its download page. If there are blatant grammatical errors and typos, it might not be the real deal. The same applies if the icon looks off, too.
  • What do other people say? Take a look at those reviews. Are they all pretty low? Have multiple people had a bad experience? If so, avoid the app. However, it's worth noting that apps with only glowing reviews can be suspicious, too, as some shady developers simply buy acclaim in bulk.
  • Do your research. Punch the name of the app into a search engine to see if there are any discussions about the legitimacy of it or not. You might see a Reddit thread warning you away or other user testimonials.

3. Beware of public Wi-Fi 

Public Wi-Fi is the free internet you find in public places – stores, cafes, airports, hotels, etc. It's undeniably handy if you're out and about and don't have any mobile data… or if you're trying to ration it out. However, these hotspots are notorious for being insecure.

The first thing to keep in mind is that public Wi-Fi doesn't have the same security as the Wi-Fi you use at home. That means anyone snooping on the network could feasibly see what sites you're visiting.

Then, there are the honeypot hackers. These shady individuals create their own fake Wi-Fi hotspots and name them something similar to the legitimate connection. So, if you're in a hotel and the real Wi-Fi is called "HotelFreeWiFi", the hacker might name theirs "FreeWifiHotel".

If you connect to this fake hotspot, you're basically letting the hacker watch your every online move over your shoulder. They'll see everything you do and be able to log the information you share for their own shady ends. This includes things like logins, banking details, and personal information – basically, all the stuff you wouldn't want to give a total stranger.

When it comes to public Wi-Fi, use it with caution, and avoid doing any shopping when connected to a free hotspot. Alternatively, you can invest in one of the best VPNs that'll prevent snoopers from checking out your data, full stop, and I'll cover VPNs in more detail a little later.

4. Get into those social media settings 

Let's say that you've signed up for a new social media account and it's asking you the same old questions – do you want to give the app permission to access your device, know where you are, record certain bits of data, etc. It's tempting to just spam "yes" in response to these questions, but you're setting yourself up for a privacy nightmare if you do.

Ask yourself if the app really, seriously needs that info to do its job. Does Instagram need to know your location, for example? Does X need to read your contacts? Probably not. 

Does Instagram need to know your location? Does X need to read your contacts? Probably not.

If you've already created your account, it's time to open up that settings menu and do a little customization. Limit the access apps have to your personal information – and consider setting your profile to private, too.

Why? Well, it's not just the apps themselves that can use your personal information in dodgy ways. Snoopers, stalkers, and other garden-variety internet weirdos can use what you post online to keep tabs on you. A photo uploaded to Facebook with a location tag, for example, lets anybody know you're not home.

5. Remember that what goes online, stays online 

As I mentioned earlier, the era of "stranger danger" is well and truly over. Now, Gen Z isn't bothered about sharing seriously sensitive information with the yawning void of the internet. Age, real name, location, details about health, gender, sexual orientation – the works. It's a nice way to connect with other folks, but it can also play right into a fraudster's hands.

These personal details can be used for identity fraud, that's the big one, especially if the fraudster in question has your email address (or other login information). Then, there are the social engineering scams – phishing and smishing are particularly nasty.

Essentially, they involve a hacker sending an email or text asking you to fork over money or click a dodgy link, right now, and they'll try to spur you to action by tailoring the message to you… based on what they can learn about you online. A similar thing happens during a romance scam. The fraudsters behind these attacks can study their targets for months to build up a really detailed idea of the kind of person they're likely to fall for – and then pretend to be that person, pretend to have the same interests, be in the same age group, etc.

The thing to remember is that anything you post online will, in all likelihood, stay online forever – and could be used against you.

6. Use a VPN 

VPNs (or Virtual Private Networks) are handy digital tools you use in the same way you would any other app or program. They're designed to protect your digital privacy, and you don't have to be a tech expert to use them.

The best VPNs encrypt your data as it travels across the web – which basically means that it'll be unreadable to any snoopers trying to take a peek. If they can't read your data, they can–t use it to commit fraud, sell it for a profit, or use it to access your other accounts. So, whether you're trying to stay safe while using Wi-Fi hotspots or scrolling through socials at home, a VPN has your back.

It's also worth noting that streaming VPNs can help you check out content from around the world, too. If you're in the US and want to watch UK-specific content on Netflix, for example, all you'd need to do is connect to a VPN server in the UK, refresh the streaming platform, and enjoy the same shows and movies that folks in the UK do. Pretty cool, right?

NordVPNThe best VPN for most people

NordVPN - from $3.39 per month
The best VPN for most people
There are a lot of VPNs on the market today, but NordVPN takes the #1 spot in our overall rankings, and is my personal favorite. It's incredibly easy to use, no matter if you're on your phone or laptop, and fast enough to keep up with HD streaming without sacrificing your digital security. Plus, it was able to unblock every streaming service I tried it with – meaning you can watch content from anywhere, anytime. Check it out today with a risk-free 30-day money-back guarantee. 

River Hart
Tech Software Editor

River is a Tech Software Editor and VPN expert at TechRadar. They’re on-hand to keep VPN and cybersecurity content up-to-date and accurate. When they’re not helping readers find the best VPNs around (and the best deals), River can be found in close proximity to their PS5 or being pushed about the countryside by the lovely Welsh weather.