Younger People Less Likely to Report, More Likely to Fall Victim to Cyber Crime

A recent study by Atlas VPN reveals that younger individuals aged 18 to 40 are significantly less likely to report cybercrime. The study is based on a survey conducted by the National Cybersecurity Alliance involving 2,000 participants from the US and UK.

The annual cybersecurity survey aims to identify the public’s attitudes and trends regarding cybersecurity. Not only did it find that individuals tend to underreport cybercrime, but it also identified worrying attitudes and a lack of education, awareness, and training regarding cybersecurity in a business context.


LIFAR’s interactive training modules deliver stimulating and engaging learning experiences to your employees, equipping them with the tools and resources they need to be successful active participants in the cybersecurity process. Equip your employees with the tools and resources they need to be successful in your cyber security process.


Among all the respondents, over one-third (34%) reported that they have fallen victim to a damaging cybercrime. Another 19% indicated that they had fallen victim to identity theft.

However, relatively few victims seem to report cybercrime to the authorities. 61% of cybercrime victims didn’t report the incident, while 34% of identity theft victims remained silent as well.

The real surprise came when breaking down the rate of reported incidents by age group. Generally, the impression is that it’s older individuals who are less tech-savvy and more vulnerable to cybercrime. However, in contrast, it’s younger individuals who are less likely to report these incidents.

The percentage of individuals that reported cybercrime incidents among each age group were:

  • Gen Z (24 and under): 21%
  • Millennials (25 – 40): 32%
  • Gen X (41 – 56): 43%
  • Baby Boomers (57 – 75): 64%
  • Silent Gen (76+): 55%

It’s a similar story when it comes to identity theft:

  • Gen Z (24 and under): 35%
  • Millennials (25 – 40): 54%
  • Gen X (41 – 56): 71%
  • Baby Boomers (57 – 75): 85%
  • Silent Gen (76+): 80%

So, younger generations, such as Gen Z and Millennials, are far less likely to report cybercrime or identity theft. Why is that?

Unfortunately, this is not great news as 51% of Gen Z and 44% of Millennials have experienced harmful cyber activity – the highest among any group. The same goes for identity theft, experienced by 24% of Gen Z and 25% of Millennials.

The cause behind this is not totally mysterious as Gen Z and Millennials both tend to use the most internet-connected devices during a typical day and spend more time online. Only Desktop computers were used more by older generations. As we know, it’s more likely that someone has proper anti-virus or other protections installed on their desktop computer.

Still, younger generations seem to be disproportionately targeted. While the study couldn’t offer an immediate reason for this, it may come down to a more blasé attitude towards cybercrime.

Through anecdotal answers, some reasons have been identified as to why younger generations are less likely to report these incidents:

  • Building apathy as a result of the frequency and ubiquitous nature of cyber-attacks.
  • A feeling among individuals that they have nothing worth stealing.

Another worrying trend was a lack of awareness surrounding what should be commonsense cybersecurity practices. For example, nearly half (48%) of respondents weren’t familiar with MFA (multi-factor authentication), a technique that can block up to 90% of cyber-attacks. 64% of respondents also indicated that they have no access to any form of cybersecurity training or education.

It is even more worrying for businesses that 53% of full-time and part-time respondents view themselves as either “least responsible” or very marginally responsible for their organization’s cybersecurity.

The good news is that 85% of respondents indicated that online security is important to them, and 76% prioritize it. However, a relatively high 41% still find staying secure frustrating and intimidating.

39% also said that it’s confusing to try and stay secure online, while 43% said it’s simply too expensive.

Clearly, the public seems to be aware of the importance of cybersecurity, even among individuals. However, there also appears to be a lack of resources and formal opportunities to gain better education and awareness surrounding this important topic.

This seems to particularly be the case in business settings where individuals fail to see their importance to the overall picture from a security standpoint. Only by properly investing in cybersecurity programs to train and educate their employees can organizations hope to correct this.



The Annual Cybersecurity Attitudes and Behaviors Report 2021