Stay calm and step away from that Facebook quiz!
Because nothing is free. And if you're not paying for the product, you are the product.
Do those questions seem familiar?
They should.
They’re the kind of security questions financial institutions and other businesses use to verify your identity when you need to reset your password.
They’re also the questions you see all the time in those quizzes that pop up in your Facebook feed.
Oops.
Facebook quizzes feed on our desire for social connection — and data miners’ unquenchable thirst for our private information.
We humans are social creatures. We need to feel like we belong. Facebook and other social media platforms give us a way to do that — especially for introverts like myself, and especially when a lot of people still haven’t returned to their pre-pandemic lives. So, to escape boredom and foster connection, we answer those questionnaires. We need people to see us.
Sometimes, though, we reveal too much.
There are two primary types of Facebook quizzes that put our data at risk:
The “Let’s get to know each other” variety, where you answer a bunch of seemingly innocuous questions then ask your friends to copy/paste and do the same.
Apps that promise to tell you which Disney princess you are, or which Hogwarts house you belong to.
“Let’s get to know each other” quizzes
“Let’s get to know each other” quizzes may (may!) be created with innocent intent, but they’re fertile ground for data miners in search of low-hanging fruit.
And you know what they say about the internet — once it’s out there, it’s out there forever. And there really are people lurking around, just searching for your information. It takes no time at all for them to scrape it and store it in a database.
“Which Friends character are you?”
Unlike the first type, which is usually of the copy and paste variety, these are apps. Facebook quiz apps kick things up a notch. For one thing, they’re surprisingly irresistible. (Who doesn’t want to know which Disney princess they are or which state they should live in? ) They’re also quite sophisticated, because the social engineers who develop them are very, very good. And they’re usually not so innocent.
That’s why, before they let you answer the questions that will reveal your celebrity soulmate, you have to consent to a of Terms of Service agreement in which you give the developer access to some pretty important stuff:
All of the information in your profile: Name, age, hometown, etc.
Everything you’ve ever posted, including pictures (Remember the quiz that revealed your most-used word from the previous year? This is how they do it.)
Your employer and current state of residence
Every post you’ve ever liked
Your IP address
The name and version of the browser you’re using
Your entire friends list (Have you ever thought about asking before sharing? I haven’t — until now, anyway.)
Your first-born child
Permission to share all of your information with the NSA
OK, those last two are fake, but they came from a real study designed to find out how much time people spend reading Terms of Service agreements before clicking “I consent.” The results were scary: Nobody reads them. But we knew that anyway, right?
In addition, these third-party Facebook quiz apps pose a danger above and beyond just getting clues to your password or security questions: They can also download code that lets them operate in the background, continuing to data mine long after you’ve forgotten you ever took that quiz.
It can’t be that bad, can it?
Actually, it can.
What can data miners do with this information?
Plenty!
Whether it’s a lurker or a social engineer trying to guess your passwords and/or steal your login information, it’s not even that hard. Think about this: One in three pet parents use their pet’s name as their password. So if you’ve revealed your pet’s name in one of those questionnaires, that’s the first thing hackers are going to try.
If they can’t guess your password, they can attempt to reset it by using your Facebook quiz answers to get past your security questions. Once they do that, they can go on to steal your identity or open accounts in your name.
If they can’t get the job done the first time, they can combine your answers with your friends’ answers to find more clues.
If that doesn’t work, they’ll store your information in a database and add to it the next time you answer a questionnaire.
And if you think you’re safe because nobody has time to do all of that, guess again: Most of it is automated.
Why do so many of us fall for these social engineering tactics?
Because most of us aren’t constantly on the lookout for somebody trying to scam us. Mainly, though, it all goes back to one simple concept:
We crave social connection and affirmation.
And Facebook quizzes provide that. But here’s another simple concept, one much older than social media: Follow the money.
Nobody is creating these Facebook quiz apps for just to make social media a happier place. So it’s time to face reality:
Next time you see a Facebook questionnaire or quiz app…just don’t.
Instead, go watch another episode of Plathville or Married at First Sight…you know, the kind of show that can actually make you feel like you’re living your best life instead of feeling like you’re falling behind because of how many bucket list items your Facebook friends have checked off!
Know somebody who would enjoy this post? Then please share!
Want to read more posts like this? Then please subscribe: