Sunday, January 29, 2023
Sunday, January 29, 2023

    Facebook users unwittingly partake in viral password hint scam by ‘playing question games’

    Your Content is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published.

    Get Your Content. Daily.

    Be the first to know about the biggest stories as they break. Sign up for breaking news email alerts from Your Content.

    Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, and Your Content has learned the questions are nothing more than a mass phishing expedition to recover password hints.

    Popular Facebook quizzes often ask users to answer a series of sharable personal questions, ranging from the name of their pet to their birth city. Some people see them as a fun way to bond with friends, or a way to make new ones.

    - Advertisement -

    But as one local police department in Massachusetts recently noted on Facebook, many of these queries are similar—if not identical—to security questions used by banks and other institutions.

    The quizzes ask questions such as “What was your first job,” or “What was your first car?”

    It may be tempting to join your Facebook friends in taking the latest online personality test or quiz popping up in your social media feed—but police agencies across the United States are urging residents to refrain from partaking in such questionnaires.

    The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to “secret questions” that can be used to unlock access to a host of your online identities and accounts.

    - Advertisement -

    The sneaky hoaxers use childish artwork and easy questions to make the post seem legitimate.

    “Just stop posting responses to this crap,” said Alan Belniak. “It’s social engineering.

    “They are designed to get password hints, among other things too.”

    When a stranger solicits personal information from you it’s normally not because they’re curious or wanting to play a fun game.

    A second concerned citizen commented on one Facebook post, claiming the question cons are using the replies to “create a massive database” and in turn “hack in bulk.”

    “They’re not going back and trying to hack the people who reply.” Kristen Northup Lindgren laid out. “The answers create massive databases of the most common answers, allowing them to hack in bulk.”

    As ABC News reports, the seemingly harmless surveys that populate your feed could wind up providing unscrupulous hackers with the answers to your online security questions.

    “Please be aware of some of the posts you comment on,” the Sutton Police Department in Massachusetts wrote in a cautionary message. “The posts that ask what was your first grade teacher, who was your childhood best friend, your first car, the place you [were] born, your favorite place, your first pet, where did you go on your first flight … Those are the same questions asked when setting up accounts as security questions. You are giving out the answers to your security questions without realizing it.”

    Hackers can use these questions to build a profile and hack into your accounts or open lines of credit, the department said. They could also trick you into clicking on malicious links.

    CBS 4 previously reported on Apr. 4, 2020 that police were cautioning that you risk exposing your personal information.

    In a post that’s been shared more than 4,000 times, the Plymouth Police Department in Connecticut sent a message in response to questions such who is your high school mascot, the street you grew up on and your mother’s maiden name.

    - Advertisement -