You might be giving away your “security” questions on social media.

Going on social media platforms has become a regular part of our daily lives. Statistics show that 8 out of 10 people in the U.S. have a social networking profile—probably Facebook, since it’s the most popular and highest revenue-generating social media platform in the world.

One of the online activities we enjoy on this platform is participating in fun, harmless quizzes, games and surveys, and then getting to compare our results with our friends and possibly finding out fun facts about them.

Where were you born? What’s your favorite football team? And so on.

But you need to think twice next time you come across one of these—and before volunteering information.

These fun quizzes and surveys may seem harmless at first, but many security experts are warning that they could be schemes to get you to reveal secrets about yourself.

Fun questions, or security questions?

A closer look at this data-harvesting scheme (which it could be) reveals that you may be giving away the answers to secret security questions that can be used to unlock and access your online accounts.

If you think about it, you’ll realize it’s true.

Most password recovery systems ask you to choose from secret questions like…

  • “What is your favorite movie of all time?”
  • “What’s the name of the street that you grew up on?”
  • “What was the name of your first pet?”

In the context of a fun online “social survey,” you probably don’t think twice about revealing this type of historical information about yourself.

But think about this:

You may have just provided a company/game developer access to your online profile (including your email address) when you participated.

Who’s to say that your information won’t be mined by identity thieves and scammers in the future, or worse, sold to the highest bidder?

Survey…or scheme?

Here’s a real-life example of what we’re talking about.

An article on Krebsonsecurity.com described how a tire and auto repair shop in California posted a Facebook quiz with the question: “What car did you learn to drive a stick shift on?”

This is eerily like the secret question “What was the make and model of your first car?”—a question often used by banks and other companies to allow their customers to reset a password or access their online account without one.

Another example cited in the article is a variation on the security question “Where did you meet your spouse or partner?” That appeared in a Facebook post by the cartoon “Aunty Acid” and was shared almost 10,000 times and received more than 2,300, surprisingly truthful, comments. (No deceit was intended, but still.)

Too much sharing.

Falling victim to hacking and scammers is not the only possible fallout of giving away personal information about with your likes, past or preferences on social media.

There’s a saying that if you’re not paying for a product, then you are the product – and companies willingly pay big bucks to get control or influence over your buying habits and even voting preferences.

And they look for victims who use free social media platforms.

Just take the case of Cambridge Analytica who collected data from more than 50 million Facebook users without their consent to build its own behavioral models to target potential voters in various political campaigns, including U.S. President Trump’s 2016 presidential campaign.

The company advertises the ability to build (and offer up) custom target-audiences using predictive analytics, behavioral sciences and data-driven ad tech that can influence those participating in an election campaign.

“Why are you asking me that?”

So, next time you come across a fun survey, quiz or game that asks for personal or historical data about you, think twice before you click. And don’t share any so-called fun surveys with friends and family.

In fact, it would might be better (and smarter) if you avoided most surveys altogether.

And if you use a legitimate service that forces you to select a secret security question (a new credit card account, perhaps), maybe the best thing to do is not to answer it truthfully. Instead, come up with a unique answer that doesn’t reveal your life secrets.

Just make sure you remember the fake answer…in case you need it in the future.

Follow Me

Chris Parker

Chief Marketing Technologist at CGP Holdings, Inc.
Founder and Chief Marketing Technologist of WhatIsMyIPAddress.com, the leading IP address lookup site. Chris has 15+ years of experience building and managing high traffic web sites. Web developer, programmer, IT Guy.
Follow Me