No Comments
Facebook Password Scam: Survey Questions
A couple of friends have approached me and asked for advice on the latest scam that seems to be doing the rounds on Facebook.
A scammer approaches someone often as they’ve been in the same Facebook group, puts in a friend request. After a couple of days of adding bits on your Facebook wall then chats randomly for a few minutes on Facebook Chat and then asks them if they can complete a survey… All nice and friendly so far… survey asks all the usual questions then they’ll be a section of the survey on pets, asking what pets you’ver owned etc all getting you primed for a question hidden amongst other questions “What did you call you’re first pet?” As it all looks safe, fairly normal and most people answer surveys truthfully the person answers honestly.
“What’s your first pet’s name? ” isn’t a very innocent question however. It’s used as a security question on a wide range of services including e-mail providers. Combine this answer with an email address and someone can very quickly and easily gain access to your emails. Sounds like a bit of a disaster. Everyone’s got a few emails they’d rather keep private.
However once someone has your email address they can then click on the helpful little “forgot your password” links on various sites answer the question “Your First Pets Name?” correctly and get a reset sent to your email address. They are in another part of your life. Potentially worse they can impersonate you and email all your contacts and ask them to complete the same survey! Once they are into your FaceBook, Windows Messenger, MySpace, Twitter accounts or similar they can impersonate you and message all your friends to complete the same survey.
Once inside an email account they can potentially order themselves products at sites where you store credit card details to save having to re enter them. Lots of people save receipts and order confirmation emails which scammers will use to find out what sites you are using once inside your email.
Be wary of people suddenly asking you to fill out surveys and never answer truthfully any question which could reveal answers to Security Questions on another site. On a side note: Nothing says your answer to a security question has to be valid – why not answer “First Pets Name? ” with a random word… but don’t use rainbow as that’s what I use…. (that’s a joke by the way!)
