11/08/2025

LYFE MONDAY | AUG 11, 2025

FOLLOW

ON INSTAGRAM

24

Malaysian Paper

@thesundaily @t

Hustle lifestyle feeds cyberattacks o Gen Z’s polyworking trend creates new internet security challenges

T HE new Gen Z trend of “polyworking” – juggling multiple jobs at once – is cre ating new cybersecurity chal lenges, as each additional role increases the risk of attacks on indi viduals and corporate networks. From the second half of 2024 to the first half of 2025, Kaspersky has detected over six million attacks disguised as work tools, along with scams posing as job offers on Indeed, Glassdoor and similar platforms. For Zoomers, working one job is no longer the norm – it is an exception. While the concept of juggling multiple jobs is not entirely new, this generation (born 1997– 2012) is accelerating the trend of polyworking. The term refers to juggling multiple income streams simultaneously, combining freelance gigs, side hustles, passion projects, and part- or full-time employment. According to public research, almost half (48%) of Gen Z members already have a side job, which is the highest rate among all generations. But while polyworking brings autonomy, flexibility and financial resilience, it also opens the door to new cybersecurity risks – many of which they may be unaware of. Too many tools, too little control Managing multiple job roles also means navigating an ever-expanding digital environment. Each additional role brings with it new inboxes, project management tools, communication platforms and external contacts. For polyworking users, this can result in dozens of apps and accounts operating simultaneously – from Microsoft Teams and Outlook, to Slack, Zoom and Notion. While these platforms are designed to streamline collaboration, they also dramatically widen the attack surface. Cybercriminals may take advantage of this complexity,

launching phishing emails through compromised business accounts, embedding malware in fake calendar invites, or sending malicious links via chat apps disguised as legitimate coworker messages. The more tools in use, the harder it becomes to verify every interaction, creating the perfect conditions for social engineering and accidental breaches. According to the cybersecurity and anti-virus software’s experts, about six million attacks disguised as platforms or content are related to 20 popular work tools. The top targets were Zoom (3.85 million), Microsoft Excel (835,179), Outlook (731,025), OneDrive (352,080) and Microsoft Teams (151,845). In one of the many scams uncovered by its researchers, users were tricked into downloading a supposed Zoom update from a phishing page, which in reality was malware in disguise. Job platforms With the rise of so many new income platforms, alongside more traditional job search sites, there also comes an increased cybersecurity risk. As Zoomers explore opportunities across Fiverr, Upwork, Behance and LinkedIn, they are increasingly being targeted by phishing schemes disguised as legitimate job offers. From July 2024 to June 2025, its experts detected over 650,000 attempts to visit phishing pages disguised as LinkedIn alone. Cybercriminals can exploit the urgency and informality of freelance culture, sending fake recruitment emails, contract attachments, or messages with malicious link that promise “quick gigs” or “exclusive offers”. The sheer volume of communication Gen Z receives across inboxes, messengers and gig platforms widens the attack surface, making it easier for threat actors to

Experts have detected over 650,000 attempts to visit phishing pages disguised as LinkedIn alone.

these unauthorised apps may have vulnerabilities or operate with unclear data-sharing policies, increasing the attack surface across all jobs. The danger here is not limited to individual freelancers. For organisations hiring remote contractors or allowing BYOD (bring your own device) practices, this raises serious questions about endpoint security and credential management. To help Gen Z navigate the digital risks that come with their multi hustle lifestyle, the software designed Case 404, a game that simulates real world scenarios they face daily, specifically for Gen Z. Through immersive storytelling and challenges inspired by phishing attacks and credential leaks, the game helps players recognise cybersecurity threats and teaches them how to spot risks before mistakes happen.

move laterally between accounts, steal sensitive information or even launch further attacks using the victim’s identity. Personal devices and shadow IT The situation is further complicated by device usage. Many Gen Z polyworkers operate across multiple gigs using the same personal laptop or smartphone – without segmentation between their work and personal environments. This overlap makes it easy for sensitive client files or corporate credentials to be saved on unsecured devices or public cloud storage solutions, such as Google Drive or Dropbox. In some cases, polyworkers also instal unauthorised software or browser extensions to streamline their multitasking – a practice known as shadow IT. While helpful in the short term,

slip through unnoticed. What might look like a promising freelance opportunity, may in fact be a trap designed to steal login credentials, deploy malware or compromise payment information. Poor password hygiene Managing access to a growing number of platforms – ranging from project tools and gig marketplaces to payment systems and internal workspaces – often leads to shortcuts. In the rush to stay productive across multiple jobs, Gen Z workers may frequently reuse passwords or rely on simple, easy-to-remember combinations. While convenient, this practice dramatically increases the likelihood of account compromise. A single weak or repeated password used across multiple roles can serve as a gateway for cybercriminals, allowing them to

Cybercriminals may take advantage of the complexity of polyworking.

Almost half (48%) of Gen Z members have a side job. – PICS FROM 123RF