Older generations aren’t as likely to be overconfident about their ability to outsmart phishing attacks than Gen Zers, according to a recent Google report. The report, in partnership with Harris Poll, found that despite negative stereotypes, older generations are more aware about security concerns and concepts than their younger counterparts.

The report surveyed 3,000 US adults between the ages of 16 and 50+ to determine their beliefs and practices regarding online security. Gen Zers aren’t as well-versed in security practices as they think they are, the report found. While 71% said they are too smart to fall for a phishing scam, only 44% said they actually know what “phishing” means.

SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic)

Some 65% of respondents ages 25 to 49 said they are confident they won’t fall for phishing attacks, and 53% said they know what phishing means. As for Baby Boomers, only 55% were confident, but 71% said they understand what phishing is, the report found.

Older generations appear to have better cybersecurity knowledge and practices than younger tech users, the report found. Password reuse was the highest among Generation Z, with 78% saying they used the same password for multiple accounts online.

While Gen Z may think they know more about cybersecurity risks and procedures than their older counterparts, the data says differently. Baby Boomers proved to have a better understanding of the importance in software updates than younger generations: 84% said they believed updating security software is absolutely essential, while 61% of Gen Zers said the same.

Baby Boomers also demonstrated a greater overall understanding of phishing schemes, according to the report, leaving younger generations vulnerable to attack.

How to avoid phishing attacks

The report identified the following four actionable tips users can implement to stay safe online:

  1. Set up recover phone number/email address
  2. Use unique passwords for your accounts
  3. Keep software up to date
  4. Set up two-factor authentication

For more advice on how to protect your business from an account takeover attack, check out this TechRepublic article.