As this COVID-19 crisis drags on, we’ve noticed a few new habits amongst our clients. Some have taken this opportunity to get their business in order and prepare for a resurgence. Some are just gritting their teeth and holding on. Nearly all of them have increased their time on social media. In addition to typical surfing, we’re seeing dramatic increases in people filling out those pesky Facebook quizzes about their first loves, childhood homes, mother’s maiden names, and other little-known facts. These quizzes seem innocent enough at first; however, they are a hacker’s dream. In fact, most of these quizzes are planted by hackers in hopes that people fill them out, innocently reveal their security question answers, and create an easy target to breach. Here are a few tips to keep safe.
- Just say no. We know we sound like a Debbie-Downer here, but it’s safest to just avoid Facebook quizzes altogether. Let’s paint the picture. Recently, there was a push to post your graduation photo and year “in support of 2020 graduates.” This sounds like a cute idea, but there’s a dark side. Hackers now have three pieces of information that are common security questions: where you went to high school, what year you graduated, and your high school mascot (they can easily look this up based on the information provided). Your support of graduates just opened you up to hacking. Sure, this doesn’t give up your username and password, but hackers might already have this information based on some previous phishing attempt or breach of a major database (think Target, medical records, or social media profile leaks). Now, they have the secondary layer of protection to your personal data. Alternatively, they use this information to create fake Facebook profiles that appear believable. Then, they send a bunch of friend requests to your existing friends and use it to harvest their personal data when they accept.
- Pretend everything you post is public. Regardless of your privacy settings, pretend that Facebook is a wall in the grungiest bathroom on your last road trip. Is this information that you would like posted on that wall? When you excitedly shared about your daughter’s first car, you revealed her security question information. You nostalgically told a story about your childhood neighborhood, there was another security question. It doesn’t matter if your profile is private or not. Hackers will find away.
- Give Fake Security Question information. If you just cannot refrain from taking these Facebook quizzes or posting, give fake information for your security challenge questions. For example, if the security question asks where you met your significant other, put something completely incorrect. Make sure it’s something that you will remember, but it shouldn’t be something that hackers could find published online.