Have you ever been browsing Facebook and seen a quiz encouraging you to answer seemingly innocuous personal questions? Some people also create threads on Facebook or Twitter asking people to answer these questions or quizzes “for fun”:
“Who was your first-grade teacher, and how did he or she impact your life?”
“Quiz: How popular is your pet’s name?”
“Answer these three questions to learn your Royal Guest name!”
These questions aren’t innocuous – they are the keys to your most sensitive information.
Businesses often require you to answer security questions in order to gain access to your online accounts. When you sign up for a web account with companies including banks, investment advisories and healthcare providers, they will ask you to provide your answer to one or more security questions – personal questions that only you are likely to know the answer to.
There are many circumstances where they’ll ask you to provide the answer to these security questions. If you attempt to access your account from an unknown computer, if you’ve forgotten your password, or if you’ve tried and failed to enter your password correctly, you’re likely to need more than just your username and password to gain access to the site. They’ll also ask you one of your ‘security questions,’ and they need the answer you provided when you first signed up for an account.
Once hackers see these security questions, they know it’s probably time to move along to another victim. Even if they obtained your username and password through a data breach, they probably didn’t get the answers to your personal security questions. And these questions are selected because it’s very hard to find the answers to these questions online.
Unless, that is, you completed one of these quizzes or responded to a post asking for your answers to these questions. If hackers are able to tie your Facebook account to your answers to these quizzes, they have exactly what they need in order to drain your bank account.
So, if you see these quizzes online, don’t answer them! Even if the quiz is forwarded by someone you know, it’s still not safe to answer – once that information is online, it’s very difficult to control who might see it in the future. Your acquaintance doesn’t know that by participating in this “game” they’ve been duped into helping hackers access their friends’ most sensitive web accounts. If you let them know, they’ll probably thank you, and you could be saving someone from losing their savings or giving a hacker the keys to stealing their identity.
To learn how WingSwept can help you protect your business from Cyberfraud, call us at 919-460-7011 or email us at Team_WingSwept@WingSwept.com.