Back in 2017 a viral trend did the rounds on Facebook asking people to list 10 concerts they’ve been to and one lie. You’ve probably seen other variations including “10 things you might not know about me”.  Whilst on the surface these may seem like harmless fun to encourage engagement, this might be a form of social engineering.

What is Social Engineering?

“Social engineering is the art of manipulating people so they give up confidential information”. Put simply, it’s cyber criminals trying to trick you into handing over passwords or banking information. Social engineering tactics work as it’s easier to manipulate someone into giving up personal information than actually trying to hack their computer. What’s more, social engineering methods can target large amounts of people (i.e. blanket email to large data list or a public social media post).

How scammers are using Facebook for social engineering

If you’re on Facebook you’ve probably got people on your friends list who are always taking part in the latest trends, including quizzes about themselves. Disguised as a way of telling your network more about yourself and building better relationships some of these may have come from cyber criminals. They use these quizzes to ask questions which answers are common security answers or passwords such as, what is your mother’s maiden name.

How to protect yourself online

The best way to protect yourself against this kind of social engineering attacks is to avoid doing these kinds of quizzes at all. To further protect yourself you can also think outside the box when setting up passwords or security information. For example, your mother’s maiden name might be listed/easy to figure out on Facebook, or similarly your first job is probably listed on LinkedIn.

Stay alert to online scams

When it comes to social engineering, cyber criminals are getting more and more clever with how they manipulate people for personal information. If something doesn’t sound right then chances are it probably isn’t.