Quizzes on Facebook and other social media are very popular, but they can be exploited by identity thieves. A good example of this was the “10 Concerts, but there is one act that I haven’t seen live. Which is it?” Facebook quiz. While this may appear harmless, the information you provide may tell more about you than is safe to make public. It may provide information about your approximate age and preferences in music which can then be used by a scammer to send you a spear phishing email tailored to appeal to your particular interests that you may trust and click on a link contained in the email that contains either keystroke logging malware that can be used to steal your identity or ransomware.
Quizzes that ask about your favorite place to live or favorite movie characters may seem like simple fun, but may have been posted by an identity thief seeking to gather information the identity thief can use to make you a victim of identity theft. In addition, providing this type of personal information can help an identity thief determine your passwords or the answers to security questions that would enable the identity thief to change your passwords. Particularly problematic is when a pop up appears when you start the quiz requiring you to agree to allow a third-party application access to your Facebook profile. If you agree to this, you are permitting the quiz poster to gain access to your Facebook profile information, your location and much more. Don’t do it.
Recently Louisiana Attorney General Jeff Landry issued a warning about social media quizzes and surveys. According to Landry, “Online surveys and quizzes may seem harmless enough, but the truth is they can expose you to hackers and scammers. It is difficult to tell which are innocent fun and which are coves for bad actors trying to steal your identity or worse.”
We all tend to put too much personal information on social media that can be exploited by scammers and identity thieves to our detriment. My advice is to avoid the problem entirely and not play these online games. However, if you, as many people do, find these quizzes and games to be fun to play, you may want to just adjust your privacy setting to “friends only” so that you limit who gets to see your answers. You also may want to check out your Facebook profile and remove personal information such as your phone number or home address.
Be particularly aware not to provide information that can answer common security questions, such as your mother’s maiden name, the name of your first pet, your childhood stret address, your favorite food or the name of the elementary school you attended.
For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.” Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/