Menu
Blog.

Cyber Security Month Blog 1: Social Quizzes

Published On: 4th October 2018

Online social quizzes

We all like a quiz, well maybe some people more than others? I mean, I do love a pub quiz and I can’t help but join in, but it doesn’t mean I’m any good! Pub quizzes throw in the music round and you listen to the song, you sing along with it, as you know the words to the chorus, but can you come up with the artist who sang it, let along the song title…. no! The point is quizzes are fun and we like to test our knowledge, it’s a social thing.

So how about quizzes online, you know the ones all your friends play along with on Facebook to your test personality or reveal personal meanings? “What’s your favourite film of all time?”, “Who was your favourite band in the 60’s, 70’s, 80’s, 90’s etc.”, “What’s the name of the street you grew up on?”, “What’s the name of your first pet”…. do you join in?

Maybe you or your friends have joined in with quizzes like “Which Harry Potter character are you?”

Whether you join in these quizzes or not, if your friends do, then there is a chance that they have shared their friends list (which includes you), with the entity who commissioned the quiz.

You see, every time you or your friends join in with a social online quiz, your personal information your birthday, age, friends, photos, location, gender, sexual orientation, religion etc. is potentially being given freely to a 3rd party.

This behaviour is great from a hacker’s perspective. This type of hacking technique is known as social engineering and commonly used to support an attack, as information is being given away freely to an unknown party, which then can be sold on or used with other information, such as your email address, to attempt access to online accounts.

Often websites ask questions with the answers you gave in the quiz, which in turn provide potential responses to secret password reset questions. A script could then be run by a malicious person, which automatically tries all the combinations of responses you provided as answers in the quiz or as part of your social profile in the hope of obtaining access to one of your online accounts, hopefully not your email account. Free shopping vouchers?? That’s also likely to be a scam to gather your information, so remove them from your social feed.

So, what can you do to keep information safe?

  • Don’t join in these quizzes and encourage your friends and family not to do them either
  • Use different types of information to support the online environment. For example, a response to a question would be different for a bank and\or work system compared to a personal use system.
  •   Use a technique to add additional characters to make passwords more complex, called ‘salting’. For example:
    • For personal use – !7!-password-!7!
    • Work Use – www-password-www
    • Banking use – *£*password*£*
  • Use strong passwords and never the same password on more than one site. Use a password manager like Lastpass, Dashlane, RoboForm etc. to record the different passwords. Don’t use Excel or back of a diary to make notes.
  • Amend your Facebook privacy settings https://www.facebook.com/help/443357099140264/
  • Set up additional protection on sites like Facebook, Google etc. by adding two-factor authentication, so if a malicious person tries to access your account, there is an additional step to go through and you will be notified.
  • Install anti-malware software (also known as anti-virus software) on your home computers, including mobile phone and tablets. If you need software, you could check AV-TEST who provide a website[1] with the results of independently test anti-malware software.
  • Blacklist or block any quizzes or free shopping vouchers scams, they will soon disappear from your timeline feed.

Read more, articles related to social quizzes:

https://www.fightidentitytheft.com/blog/facebook-quizzes-sharing-your-private-data

https://krebsonsecurity.com/2018/04/dont-give-away-historic-details-about-yourself/

http://www.bbc.co.uk/news/technology-34922029

Facebook ‘Most Used Words’ game accused of stealing and selling user data

https://www.lifewire.com/advantages-and-disadvantages-of-social-networking-3486020

 

Footnotes

[1] https://www.av-test.org/en/antivirus/home-windows/

Article Author.

Jennie Cleal

Senior Consultant - Information Security
Jennie is a focused, strategic leader with a proven ability to encourage and motivate others. She has excellent people skills... Read More From Jennie Cleal

Our Latest Insights.

Our work means different things to different clients and we wanted to share some details of the projects we have managed to give you an insight into our capabilities and the impact we have delivered as a business.

 

View All Insights

Say Hi.

Did you like what you read? Did you want to find out more about the subject? Or did you simply want to get in touch with us? Either way if you would like to get in touch with us you can do so using the form on the right.

Every now and then, Gemserv would like to send you information about our products and services that are relevant to you. By submitting your details lets us know that you’re OK with this and that you also agree to our privacy policy. You can, of course, opt out of these communications at any time!

Get In Touch

Want to find out more?

Follow the links below find out more about the services we provide, our insight into the industries we serve or the opportunities available with us.
Services Our Insights Careers