Social media “quizzes” can leave you wide open to breaches

We’ve all hit that point in the road where our brains can’t remember another thing, like the password for our email account. So what do we do?

We just hit ‘reset my password,’ and punch in a new one.

Often; however, there are security questions we’re asked first, to verify our identity. Questions that only we know the answers to.

What random stranger would guess that my first dog’s name was “Mac”?

Well, unfortunately, many people are voluntarily giving up the answers to most common security questions without even realizing it.

We’ve all seen them, and many of us have taken part in them. Popular social media ‘quizzes’ that have you answering those questions without even realizing that it’s not just some game, it’s a fishing, or phishing, expedition; data mining hundreds of accounts.

RCMP say many social media quizzes are designed to get those answers. “Be careful what you reveal about yourself online.”

In the worst cases, criminals can use online quizzes to plant malware or steal personal information. In a recent example, Ukrainian hackers lured over 60,000 Facebook users to take online quizzes that installed malicious extensions in their browsers.

The data-scraping extensions then secretly sent those users’ profile information and friends lists to the hackers. Information like this often becomes fodder for further crime such as phishing campaigns or impersonating people in online scams.

In another case, a survey about concert attendance was used to gather answers to common security questions used for financial and other accounts.

If you’ve ever had people tell you they received a second friend request from you on Facebook, that harmless “quiz” you took may have been the culprit.

Even legitimate quizzes often gather information that can be used to barrage users with targeted advertising.

Next time you see a popup or banner ad for a social media quiz, look at the fine print. They typically say that by participating, you are agreeing to the social media site’s terms of use.

Experts who develop anti-virus software say: “Phishers have now learned to exploit game mechanics and further tap into people’s curiosity and desire for freebies. In the process, phishers have made Internet users receptive to them, without users realizing it.

“While it may be fun to waste time on quizzes a contact happens to have shared on Facebook, it would be wise to give it a pass, and perhaps warn the poor fellow via PM that he might have been duped to give up his personal information to scammers.”

The following are tips for avoiding social media scams:

•Be skeptical: Before answering a quiz, figure out who created it. Is it a brand you trust? Just because something appears to be fun and innocent, doesn’t mean there isn’t an inherent risk.

• Adjust your privacy settings: Review the social media account’s privacy settings and be strict about any information that is shared – and be mindful of who you are sharing it with.

• Remove personal details from your profile: Don’t share information like a phone number or home address on social media accounts.

• Don’t give answers to common security questions online: Be cautious if the questions in a quiz ask for things like your mother’s maiden name, the street you grew up on, previously owned vehicles, favourite foods, or the name of your high school.

• Monitor Friend Requests. Don’t accept friend requests from people you don’t know. Also be wary of a second friend request from someone you are already connected with; the second profile may be an imposter trying to access your data and your Friends list.

READ THE FULL STORY IN THE MAY 5 EDITION – ON NEWSSTANDS NOW OR BUY THE DIGITAL COPY BELOW:

Never miss an issue – become a subscriber today! Click here!

Studies prove, Community Newspapers are still the most effective medium for getting a message out there in towns and villages like ours across the prairies. Attract LOCAL customers by supporting LOCAL media.

ADVERTISE!

ads@thecommunitypress.com

Leslie Cholowsky
Editor

Sign In

Register

Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.