As an IT professional, you’ve got a sixth sense about scams that kicks in on social media. That’s why it’s probably frustrating to see your family and friends on social media posting funny memes with crazy questions. It’s all in fun, and we learn interesting things about each other from the seemingly innocuous questions.
However, you know that these questions or challenges are often developed and planted by hackers and bad actors who are trying to steal credentials and login information. Most people think they won’t fall prey to such scams. But there is something lulling about social media. You’re at home, relaxed, reading about your friends and submitting to peer pressure when you see people answering fun questions. You don’t care that the entity posting the question is anonymous, faceless, and strange. Answering those questions are sort of like hitting the buzzer on Family Feud—you just want to hit the button and blurt out an answer as fast as you can!
Some of the best questions are designed for:
Because you care about your friends and family, you may want to share this article with them. Otherwise, no matter how many times you tell them not to answer these silly questions on social media, someone you know or care about is going to participate.
Don’t Play Along! Tips on Spotting Social Media Phishing
Here are a few examples of the questions or challenges that you should NEVER ANSWER on Facebook:
Notice some of these questions challenge your memory skills. These are particularly attractive to people who love quizzes and memory games. People also like recognizing a loved one or sharing a bad experience with their first car. The questions are meant to be fun, engaging, and ripe for social sharing.
The hackers know what they are doing. These questions are social engineering attempts to gather and harvest answers to security questions that most online accounts require. Recall that when you forget your password, your security questions might be about your first car, your mother’s maiden name, the first concert you attended, etc. Hackers not only use this information to break into your accounts but they also buy and sell this information on the dark web, a place on the internet that’s like Google for the bad guys where they love taking advantage of people who like to talk about themselves.
Here are some ways to avoid revealing such sensitive information.
Bad actors are seemingly always two steps ahead of everyone, but you can help employees protect themselves with the tips above. In the end, you’ll be doing them a great service while also helping protect your own organization.