Are you a Facebook user? Facebook remains a top social media site for the general population. Besides being a great way to connect with friends and family, be warned that Facebook is also a prime data mining tool for corporations and identity thieves.
One common way companies and fraudsters grab your Facebook personal information is to tease you with a fun quiz, where you think you’re playing a game. But essentially, you’re voluntarily giving up your information —just because it’s fun.
Have you seen these tempting quizzes in your Facebook feed?
- Which Disney princess are you?
- Which Thanksgiving food are you?
- What’s your elf name?
- Which emoji should you be reincarnated as?
Sounds pretty innocent doesn’t it? What harm is there in giving up the model of your first car, mother’s maiden name and favorite food, just to find out your Disney doppelganger is Belle? Oh, plenty…only because those are the exact same security questions many online services (like your bank, for example) ask for.
Whoever is behind the princess quiz now has your Facebook page, your location, your friends, your photos and perhaps a wealth of other personal information about you. Sometimes this harvested data is used for marketing purposes, but this is also how your identity may be stolen to set up bogus accounts —and you helped!
Hackers can use the data to steal your money, or pretend to be you to steal someone else’s money. Even worse, you were so thrilled to be associated with Belle that you shared this with your Facebook friends and invited them to join in. You’ve given out the answers to your security questions without realizing it. Consider, too, that some quizzes can even direct you to a phishing page or malware site without your knowledge.
If you’ve taken one of these quizzes lately, it might be a good idea to keep an eye on your accounts by setting up account alerts.
More proactively, when setting up secure accounts, you can create fake answers for password recovery questions so they’re harder to crack. It might be easy enough for Facebook scammers to figure out your mother’s maiden name, so leave an easy-to-remember false name instead. Even better, why not just pass on the temptation to take another quiz next time?
Gain a better understanding of how data mining works and how to be more aware of any red flags. The Better Business Bureau (BBB) offers up some tips to avoid social media scams.
- Before you take a quiz, can you tell who created it? Is it a brand you trust?
- Review your social media account’s privacy settings and be strict about what information you share and who you share it with.
- Remove personal details from your profile—don’t share information like your phone number or home address.
- Don’t give answers to common security questions: Be cautious if the questions in a quiz ask for things like your mother’s maiden name, the street you grew up on or names of the schools you attended.
- When setting up security questions, try not to choose vehicle make and model, birthdays, family members’ names, first job and favorite foods or colors.
- Don’t accept friend requests from people you don’t know. And be cautious of any new friend requests from friends already on your list. (This is a big issue with scammers copying pages and friending all of the friends on the list, etc.). It’s always best to verify (offline, if possible) if the request is legit.
Remember, it only takes tiny bytes of data for a hacker to build a profile they can work with. The security of your identity begins with you.
For more information and related articles, visit Cyber Security on our Financial Know-How page.
Resources: Better Business Bureau, Pioneer.net, Cyclonis Ltd.