The FBI Charlotte, N.C. office is warning social media users to pay close attention to the information they share online. A number of trending social media topics seem like fun games, but can reveal answers to very common password retrieval security questions, says the FBI, as fraudsters can leverage this personal information to reset account passwords and gain access to once-protected data and accounts.
Recently, the FBI says, the high school support photo trend has encouraged users to share their high school photo to support the class of 2020. Many people are including the name of their schools and mascots, and their graduation years - all three are answers to common password retrieval security questions, notes the FBI.
Other examples noted by the FBI include posting a picture of your first car; answering questions about your best friend; providing the name of your first pet; identifying your first concert, favorite restaurant, or favorite teacher; and tagging your mother, which may reveal her maiden name.
The FBI is encouraging people to be vigilant and carefully consider the possible negative impact of sharing too much personal information online. Other safety measures include checking security settings to ensure they are set to the appropriate levels and enable two-factor or multi-factor authentication when available.
According to the FBI, there are three categories of credentials: something you know; something you have; and something you are:
- “Something you know” is your password or a set PIN you use to access an account.
- “Something you have” is a security token or app that provides a randomly generated number that rotates frequently.
- “Something you are” includes fingerprints, facial recognition, or voice recognition.
Lastly, if given the choice, take advantage of multi-factor authentication whenever possible, advises the FBI, but especially when accessing your most sensitive personal data—to include your primary email account, and your financial and health records.