The current generation of teenagers and young adults, weirdly lumped together as Gen Z, is known for its digital fluency and trendsetting influence. But there is a massive irony: as they navigate a world of hyperconnectivity, social media and online shopping, cyberthreats are evolving just as rapidly, and catching them out precisely because they are so visible.
With a new game called “Case 404”, Kaspersky sheds light on how cybercriminals are turning “Gen Z” online habits into attack vectors. It offers practical tips to turn awareness into digital resilience:
1. Oversharing and digital footprint increase
Social media platforms like Instagram, TikTok and Snapchat are filled with geotagged selfies, daily updates and personal stories. However, this constant sharing creates an extensive digital footprint that cybercriminals can exploit for identity theft or social engineering attacks.
Oversharing can inadvertently reveal sensitive details, from home addresses in the background of photos to routines that make users predictable. Even seemingly harmless content, like a photo of their partner or pet, can provide clues for password recovery questions.
2. Fear of Missing Out
The Fear of Missing Out (FOMO) refers to the anxiety or unease that arises from a fear of being left out or not being part of the latest updates or connections if they don’t follow what other people are doing on social media. FOMO is a powerful driver for young users, fuelled by social media updates about product launches, concerts and events.
Seeing peers attend events, acquire new products or achieve milestones can lead to feelings of inadequacy or exclusion. Whether it’s a new iPhone drop, Taylor Swift’s Eras Tour or a major sporting event, FOMO can push users to click on unverified links promising early access or exclusive deals.
Example of a phishing page offering a new iPhone 16 Pro Max.
Cybercriminals exploit this urgency by creating clickbait phishing schemes, leading users to malicious sites that steal login credentials or distribute malware. Fake event tickets, pre-order scams and “leaked” insider information are just some of the tactics used to manipulate this fear.
3. Nostalgia of Y2K fashion and early 2000s culture
For those born between the mid-1990s and the early 2010s, the period that defines Gen Z, Y2K fashion represents a blend of nostalgia for a simpler, pre-digital time and a desire to reinvent those styles with a modern twist. Platforms like TikTok and Instagram have amplified Y2K’s resurgence, with influencers recreating vintage looks and sharing thrifted finds. Hashtags like #Y2Kfashion and #Y2Kaesthetic have garnered billions of views.
This fascination with early 2000s culture, from Y2K aesthetics to childhood games, has revived interest in retro titles like The Sims 2, Barbie Fashion Designer and Bratz Rock Angelz. While these games evoke nostalgia, searching for unofficial downloads often leads users to malware-infested sites. Cybercriminals target this niche interest by embedding malicious software into counterfeit game files. What seems like a trip down memory lane could result in compromised devices or stolen data.
4. Fast Fashion
The stereotype of these generations is that they love expressive clothes, want to stand out rather than fit in and have an ever-changing style — what was in a month ago might already be out. Such trend-chasing habits are supported by fast-fashion retailers supplying accessible ways to switch it up. For instance, Chinese fast-fashion giant Shein, loved by teenagers, adds 6,000 new products to its website per day.
A phishing scheme luring users into a trap by creating a sense of urgency with a limited discount.
For its customers, fast fashion is more than just a shopping preference; it’s a lifestyle. Fast-fashion brands like Shein, ASOS and Fashion Nova deliver affordability and instant gratification, making them staples for this generation. However, the allure of these brands comes with a dark side. Fake shopping websites, hoax promocodes and phishing ads capitalise on their popularity, using convincing imitations to lure users into entering their sensitive details. The higher the engagement in online shopping, the higher the risk of encountering fake websites and phishing scams designed to steal personal and financial information.
5. iDisorder
Young adults face a phenomenon called iDisorder, a condition where the brain’s ability to process information changes because of overexposure to technology. This obsession with technology can result in psychological, physical and social disorders, including depression and anxiety. This is proven by public research: one in three 18- to 24-year-olds now report symptoms indicating they have experienced such mental health problems.
That is why they are extensively turning to digital tools like teletherapy platforms and mental health trackers to alleviate stress. However, these platforms store highly sensitive personal information, including emotional states, therapy notes and user routines. If breached, this data could be exploited for blackmailing or phishing.
“Trends may evolve rapidly, but the underlying cyberthreats remain constant,” says Kaspersky privacy expert Anna Larkina. “Whether it’s leveraging love for online shopping, capitalising on the urgency created by FOMO or targeting the growing use of mental health apps, attackers are quick to turn popular behaviours into opportunities for phishing, scams and data breaches.
“Start by taking control: verify links and websites before engaging, use strong, unique passwords and enable two-factor authentication for an extra layer of security. Be mindful of what you share online and, most importantly, remember that staying informed is your best defence. Cybersecurity is about empowering yourself to navigate the digital world confidently and safely.”
For users to stay safe in the digital world, Kaspersky recommends the following:
- Check out the interactive online game, “Case 404” by Kaspersky, designed for Gen Z to learn how to stay safe in an increasingly vulnerable online world.
- Think before you post: don’t share photos revealing your home, routine or personal details that could be used in password recovery.
- Don’t fall for urgent offers: verify discounts, pre-orders or ticket links through official websites only.
- Always check website URLs carefully before entering personal info. Scammers often mimic brand names or use fake domains.
- Use trusted payment methods when shopping online and avoid deals that look “too good to be true”.
- Mental health apps store sensitive data. Choose services with strong privacy policies and don’t overshare personal information.
- Be cautious of file extensions: videos or games should not come in .exe or .msi formats. That’s a red flag.
- Use a reliable security solution, like Kaspersky Premium, to detect malicious attachments that could compromise your data.
- Ensure secure browsing and safe messaging with Kaspersky VPN, protecting your IP address and preventing data leaks.