Millennials are suffering from cognitive dissonance when it comes to cyber fraud, according to a new survey from TransUnion.
Almost half of Generation Y, which the credit reporting agency defines as between the ages of 18 to 34, say they’re extremely or very concerned about cyber crime, compared with 36% of Baby Boomers (55 to 70). Yet millennials commonly engage in behavior that makes them susceptible to hacking. For instance, 86% store bank account information on their phones, and 84% check financial accounts while connected to less secure public Wi-Fi networks. Boomers are much less likely to do either—only half say they check accounts on mobile devices—though whether that’s because they’re more savvy about security or less comfortable with technology is hard to say.
In either case, young Americans are opening themselves up to all kinds of mischief. For instance, only one-third lock their phones with a password. That’s kind of perplexing. If millennials are so fluent in technology and understand that their actions put them at greater risk of being hacked, why don’t they take steps to strengthen their security?
The answer may be a belief that companies will protect them if their data gets stolen.
“We’re finding that among millennials, more so than older generations, there’s the thought that if something happens, wherever that problem occurs from will take care of it for me,” says TransUnion senior vice president Ken Chaplin.
While it’s true that credit card fraud is unlikely to result in significant hardship for the victim—most cardholders are exempt from any fraud charges at all—identity theft is another matter. In that case, the hacker can open lines of credit in your name that you didn’t even know existed. And younger consumers who grew up with a surfeit of technology need to appreciate the consequences of ID theft, including ruined credit scores, compromised medical histories, and stolen tax refunds, among other dangers.
What can you do to shore up your defenses?
Simple fixes, like password-protecting your phone and not logging into bank accounts using public Internet access, are a start. Also consider more complex passwords and enabling two-factor authentication for your email account. A little vigilance goes a long way, no matter what age you are.
Read next: 5 Terrifying Facts About Identity Theft