Multiple jobs are a daily reality for many people ā and each one comes with itsĀ security risks
The Gen Z trend of āpolyworkingāĀ ā juggling multiple jobs at once ā is creating new cyber-security challenges, as each additional role increases the risk of attacks on both individuals and corporate networks. Between 2024 and 2025, Kaspersky detected over six million attacks disguised as work tools, along with scams posing as job offers on Indeed, Glassdoor and similar platforms.
For Gen Z, working one job is no longer the norm ā itās an exception. While the concept of juggling multiple jobs isnāt entirely new, this generation (born 1997ā2012) is accelerating the trend of polyworking. The term refers to juggling multiple income streams simultaneously, combining freelance gigs, side hustles, passion projects and part-time or full-time employment. According to public research, almost half (48%) of this generation already have a side job, which is the highest rate among all generations. But while polyworking brings autonomy, flexibility and financial resilience, it also opens the door to new cyber-security risks.
Managing multiple job roles also means navigating an ever-expanding digital environment. Each additional role brings with it new inboxes, project management tools, communication platforms and external contacts. This can result in dozens of apps and accounts operating simultaneously ā from Microsoft Teams and Outlook to Slack, Zoom and Notion.
While these platforms are designed to streamline collaboration, they also dramatically widen the attack surface. Cyber criminals may take advantage of this complexity, launching phishing emails through compromised business accounts, embedding malware in fake calendar invites or sending malicious links via chat apps disguised as legitimate coworker messages. The more tools in use, the harder it becomes to verify every interaction, creating the perfect conditions for social engineering and accidental breaches. Current top targets are Zoom, Microsoft Excel and Outlook, followed by OneDrive and Microsoft Teams.
Too many channels
With the rise of so many new income platforms, alongside more traditional job search sites, there also comes an increased cyber-security risk. As Gen Z explores opportunities across Fiverr, Upwork, Behance and LinkedIn, they are increasingly targeted by phishing schemes disguised as legitimate job offers. From July 2024 to June 2025, Kaspersky experts detected over 650,000 attempts to visit phishing pages disguised as LinkedIn alone. Cyber criminals can exploit the urgency and informality of freelance culture, sending fake recruitment emails, contract attachments or messages with malicious links that promise āquick gigsā or āexclusive offersā.
The sheer volume of communication Gen Z receives across inboxes, messengers and gig platforms widens the scope of attack, making it easier for threats to slip through unnoticed. What might look like a promising freelance opportunity may in fact be a trap designed to steal login credentials, deploy malware or compromise payment information.
Managing access to a growing number of platforms ā ranging from project tools and gig marketplaces to payment systems and internal workspaces ā often leads to shortcuts. In the rush to stay productive across multiple jobs, workers may frequently reuse passwords or rely on simple, easy-to-remember combinations. While convenient, this practice dramatically increases the likelihood of account compromise. A single weak or repeated password used across multiple roles can serve as a gateway for cyber criminals, allowing them to move laterally between accounts, steal sensitive information or even launch further attacks using the victimās identity.
Shared environment
The situation is further complicated by device usage. Many polyworkers operate across multiple gigs using the same personal laptop or smartphone ā without segmentation between their work and personal environments. This overlap makes it easy for sensitive client files or corporate credentials to be saved on unsecured devices or public cloud storage solutions like Google Drive or Dropbox.
In some cases, these workers also install unauthorised software or browser extensions to streamline their multitasking ā a practice known as āshadow ITā. While helpful in the short term, these unauthorised apps may have vulnerabilities or operate with unclear data-sharing policies, increasing the attack surface across all jobs. The danger here isnāt limited to individual freelancers. One compromised account, such as a hacked Fiverr login or an email phishing incident tied to a side project, can cascade into much larger breaches if the same credentials are reused for corporate systems. For organisations hiring remote contractors or allowing BYOD (bring your own device) practices, this raises serious questions about endpoint security and credential management.
Gen Zās work-life-tech overlap creates a unique kind of cognitive overload. This constant multitasking increases the risk of mistakes: sending a wrong file to the wrong client, overlooking a phishing email or misconfiguring access permissions. Itās not about carelessness ā itās about the sheer volume of digital demands pulling attention in all directions. And in cyber security, even one small lapse can have big consequences.
Take measures
To avoid falling victim to cyber criminals, separate work and personal environments. Use different devices for personal and professional tasks to reduce cross-contamination risks. Watch out for fake tool updates ā download work tools like Zoom or Teams only from official websites or app stores from trusted developers, not from third-party links or emails.
Use strong, unique passwords and avoid reusing passwords across platforms. Use a password manager to securely store and generate strong passwords. Avoid installing unofficial browser extensions or apps for productivity unless theyāre verified and approved ā especially on work-connected devices.
Slow down when dealing with urgent messages or unfamiliar contacts. Phishing often thrives on rushed decisions. Enable multi-factor authentication (MFA), especially for email, cloud storage and freelance platforms. Use a reliable security solution to detect malicious attachments that could compromise your data. And ensure secure browsing and safe messaging with a VPN, protecting your IP address and preventing data leaks.
Text |Ā Evgeny Kuskov
Photography |Ā Artie Medvedev
Evgeny Kuskov is a Security Expert at Kaspersky.
For more information, go toĀ kaspersky.co.za.
