For those unfortunate souls who use FB:
Kaj just happen to be one of my facebook friends.
Sharing this (very long) explanation of WHY you don’t participate in Facebook quizzes. Ever. The Docs have posted several times about this topic, because we see friends, family and customers participating in these every day. (Note: this material was previously circulated on FB by several sources, and The Docs were not able to determine the original source.)
How account hacking works on Facebook:
1. You see a fun little question pop up in your facebook feed that people answer in the comments. This isn't a question from one of your facebook friends, it's from a public account, maybe an account supposedly belonging to a radio station, but not one in your part of the country, where you definitely recognize the station. Maybe it's from a public account called something cute like "just for laughs" or "no biggie" or "memory lane." Maybe a facebook friend of yours has already answered the question.
It seems harmless and trivial: What food would you never eat? What was the first concert you went to? You answer the question in the comments.
2. Because of the way facebook's algorithm is set up, answering this question, or even just giving the post a like means Facebook will show you more content by this facebook poster and more content by other, similar posters. You see more and more little quiz questions by facebook accounts who are not your actual friends.
3. Also because of the way facebook's algorithm is set up, your actual facebook friends can see the post you responded to and your answer to the little question. If they respond to your comment, or like your comment, or answer the question themselves, they also begin to see more little quiz questions from this facebook poster and more similar facebook accounts with other little questions.
4. Some of these questions really are probably harmless, but the more you answer, the more you see, and sooner or later you slip up and answer one or more that help a data miner begin putting together pieces of information that help them steal your identity and get into your bank accounts.
"One of these has to go" with a list of four types of candy bars isn't helpful to anyone, but the more you get used to answering questions, the less carefully you scrutinize the questions.
One day you answer one that gives someone your birth year: "how old would you be if the digits in your age were reversed." A week later you've forgotten about that, but the information has been harvested and filed away and you answer another question that gives them your month of birth: "your birth month determines which celebrity you marry, are you happy?" with a bunch of pictures of famous people laid out in a calendar grid.
Some questions are straight up complete answers to common security questions: maiden names, grandparents' names, where you vacationed as a kid, what was your first car, what was your first pet's name, what was the name of your elementary school.
5. When the data miner pretending to be a harmless fun facebook account or radio station has enough pieces of the puzzle put together they can either get into your bank account, sell your information to someone else who wants to get into your bank account, or remotely lock your accounts or take over your whole computer or phone and force you to pay a ransom to get access back.
They can impersonate you and steal your tax refund. They can commit social security fraud, pretending to be you, and disappear with the check while you are left to prove it wasn't you.
6. The worst thing about these social media predators is that the more you comment on these information gathering quizzes, even if you just comment to tell a friend that they have potentially given away the answer to their own security question, the more they spread.
All your facebook friends will see more of these quizzes as a result of your comment, and be more likely to comment themselves, and sooner or later one of them will give away important information, even if you never do.
7. So DO NOT COMMENT. Not even to the ones that really don't share any important information. They post many innocuous questions for every one that actually gathers information, but even the seemingly benign ones help them figure out what style of questions generate the most responses, work the algorithm to get them on more people's facebook feeds, and lull you into a false sense of security that this is good clean fun.
Do not give it a thumbs up or an angry face. If you see a friend post in response to one, talk to them in person about how these work, or call them, or send them a private message, but don't reply back to their comment on the actual post. That just helps these things spread.
Be safe.