Those seemingly fun-spirited questions and quizzes on Facebook are not only collecting profile information, but some are harvesting answers to secret questions used when you forget your password.
We map knowledge-based authentication (KBA) attributes in our identity threat intelligence API and see KBA exposed in underground communities now and again. Criminals can use this information to piece together a pretty thorough identity and authentication profile on unsuspecting people.
A general rule is to avoid putting any of your personal information out there, even if it seems harmless. You may also want to consider help protecting your digital identity and assets from an IDTheft company.
Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?” The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to “secret questions” that can be used to unlock access to a host of your online identities and accounts. On the surface, these simple questions may be little more than an attempt at online engagement by otherwise well-meaning companies and individuals. Nevertheless, your answers to these questions may live in perpetuity online, giving identity thieves and scammers ample ammunition to start gaining backdoor access to your various online accounts.