The Federal Trade Commission is sharing this important alert.
What do the model of your first car, your favorite hobby, and the high school you attended have in common? If you said they’re questions commonly used for online account security and online quizzes, you’re correct! Before you take a quiz to find out which Marvel character you are, ask yourself: Do I know who’s gathering this information about me — or what they plan to do with it?
Personality tests, quick surveys, and other types of online quizzes ask seemingly harmless questions, but the more information you share, the more you risk it being misused. Scammers could do a lot of damage with just a few answers that give away your personal information. We’ve heard about scammers phishing for answers to security question data through quizzes. They use your quiz answers to try and reset your accounts, letting them steal your bank and other account information. Some scammers hack social media accounts and send malware links to friends of the hacked account holder under the guise of sharing a quiz.
One major way to protect your personal information — in addition to maintaining strong passwords and using multi-factor authentication — is to steer clear of online quizzes…or just don’t answer them truthfully. As for accounts that require actual security questions, treat them like additional passwords and use random answers, preferably long ones, for those too. Asked to enter your mother’s maiden name? Say it’s something else: Parmesan or another word you’ll remember. Or use a password manager to store a unique answer. This way, scammers won’t be able to use information they find to steal your identity.
If you suspect that an online quiz is a phishing scam, tell a friend. Then, report it to the FTC at ReportFraud.ftc.gov.
By Terri Miller, FTC Consumer Education Specialist