Social Media Engineering

Social Media Engineering – Why You Should Think Twice Before Taking that “Harmless Quiz”

Most of us are working from home right now.  Maybe we have a little more time on our hands than usual.  It’s even possible that we spend more time than we used to on social media trying to keep up with family and friends. If you’re like me you’ve seen folks posting a “get to know you” quiz with a million personal questions.  While it may seem fun to glean additional tidbits about your family or friends, the intention behind the quiz may be more sinister than you think.  I like to call this social media engineering.

What to look for

Most of the quizzes you see on social media will look something like this.

What most of us probably don’t consider is the large amount of personal data that you’re putting out on the web by doing a “fun quiz” with your friends online.  In fact, many of these quizzes have been designed specifically by bad actors to capture personal data they can use to answer challenge questions on your account to gain access. Think about it.  You answer a quiz with questions about what street you grew up on, your favorite color, your favorite pet, and your mothers maiden name.  What does that sound like?  To me it sounds like the security questions I have set up on my bank account.  That anybody with bad intentions can now grab and steal my identity with. That’s not to say that all these quizzes are completely malicious.  It’s very possible that there are a bunch that are completely innocent and are just for fun.  I’m just hoping we can stop and think a little before posting personal information online.

Social Media Engineering – What to do

The good news is that the solution to this problem is very simple.  Don’t do quizzes online that put your personal information out there for the entire world to see.  That’s really the solution. Other articles may recommend changing your security settings on your social media or being careful to privately share that with individuals instead of publicly posting.  Personally, I don’t think it’s worth the risk.  Just don’t do it.  If you really must know the name of the street your friend grew up on call them and have a conversation on the phone.

Stay safe out there

We may all be at home for a while and living more online than ever before.  Please be cautious of sharing personal data with ANYONE.  Especially in a public forum such as social media.  Use 2 factor authentication whenever possible to secure your logins and be a generally suspicious person.  Take the time to think before you post, and we can all stay safer as a result. As always, your team at i.t.NOW is here to help.  Don’t hesitate to get in touch if we can ever be of assistance with your technology needs.