What was the model of your first car? Where did you attend high school? What is your favorite vacation destination?
These are a few of the standard questions you can expect to see while setting up online banking, creating online access to credit card accounts, retail accounts, or just about any time you create an online account. This security question feature is used to verify an account holder’s identity in the event the user needs a password reset, or make other changes with an online account.
But did you ever notice these same security questions show up on many online quizzes, surveys, and personality tests popping up on social media? Coincidence? No, not at all.
The Federal Trade Commission warns us, scammers are actively phishing for these kinds of answers to security questions. Knowing the answers to security questions makes it much easier for criminals to hack into accounts, often by asking for password resets. A hacker resetting your password can lock you out, and take over the account. The process can snowball very beneficially for the hackers when they take over one social media account, then send malware links to all the “friends”, with the links asking for participation in a fun-sounding quiz, or survey.
Avoid all these online quizzes or surveys, or if you just can’t keep yourself from away from them, answer with phony answers. Another practice we can adopt to tighten up our online security is to treat the answers to security questions like we treat passwords. You don’t need to answer truthfully. You don’t even need to use real words. Use phrases or random letters and numbers to create a unique answer. But make sure you can remember the answer, or record it somewhere; maybe use a password manager.
Two other tools that can enhance our online protection are to use and maintain strong passwords, and use two-factor or multi-factor authentication, whenever it is offered. Many financial institutions require two-factor authentication for online banking. I especially recommend it if you are a social media consumer. The internet is constantly patrolled by criminals seeking out those who over-share their personal information.
Facebook account takeovers and hacking are pervasive. I received two calls back to back this week, each reporting a Facebook account takeover, only discovered when the Facebook friends started getting messages promoting free money giveaways and grants.
CONTACT SENIORS VS. CRIME
Let me know about scams, fraud, or other crookedness you run across. Most of what I learn, I learn from you. Contact me at Seniors vs. Crime, Clinton County Sheriff’s Office, 242-9211, Ext. 4433, or email me at randymeier@gapa911.us.
Randy Meier is the director of Seniors vs. Crime, which operates in conjunction with the Clinton County Sheriff’s Office.
