No. No. No. No. No. No. No.
Why all the negativity you ask?
EXAMPLE: Where were you born? Paste this question into your Facebook status (along with the answer) and tell all your friends where you were born. Ask them to do the same!
Anyone what to guess what one of the most common questions people use for the password reset function on their bank accounts, credit card websites, or email? If you post this information, along with your email, it gives someone most of the critical pieces of information needed to compromise an account.
What about this?
Answer these 10 questions and paste to your status. Tell your friends to do the same and see how much you have in common:
- Where were you born?
- What is your sign?
- What is your favorite color?
- What is your favorite food?
- What do you do?
- What is your favorite movie?
- Are you a (insert a sports team name here) fan?
- Mac or PC?
- Dog or Cat?
- If you could go anywhere in the world where would you go?
I attended a presentation lately where this was said “if these people are REALLY your friends, they already know all this”. So please don’t use that as a reason/excuse why you are publicising this information on your Facebook profile. Most people may have technically “friended” you, but are loose social connections at best.
Given the number of changes to the Facebook security settings with the fact most people don’t have this set correctly, you can quickly see where these type of posts give entirely too much information to someone who shares a group with you or is a friend of a friend.
Since your profile already provides your location, maybe birthday, school, email address, etc. One can approximate enough information to figure out where you are and how old. In most locations there are probably 2-3 major banks in an area too. So, one should have enough information to target your online banking account and/or your email account. They aren’t going to have to guess or break your password. They’re going to use all the information they’ve gathered about you to reset your password.
Anyone recall the issue with Sarah Palin’s email being “hacked’? Well “hacked” is giving the guy a bit too much credit. Socially engineered it more appropriate. He simply went to her email service (which was known to be Yahoo), to the password reset function, clicked on it and it prompted him:
- “What is your birthday”
- “Where did you meet your husband?”
- “What is your zipcode?”
If you were to have gone to the governors website at the time, it proudly displayed two interesting pieces of information. She met her Husband Todd in High School and she spent her entire life in Wasilla. Since Wasilla only had two zip codes, it was easy to guess. A simple Wiki search will tell you her birthday.
So since we are not all high-profile public figures with a ton of information about us on the Internet (though if you are, thanks for reading my post!), it’s probably best that we don’t voluntarily put this information out there for anyone to snag.
Here’s my litmus test: Would this be something you’d feel comfortable telling a stranger on the street? Probably not.