Social media quiz scams are a type of online scam that uses social media to trick people into revealing personal information or taking other actions that could put them at risk, also known as Social Engineering. You may have heard this term mentioned around the recent MGM hack. These scams can be very effective, especially for businesses with a large social media presence.
As an experienced IT professional, I have seen firsthand the damage that social media quiz scams can do to businesses. Scammers can use the information they gather from these scams to steal money from businesses, damage their reputation, and even gain access to their sensitive data.
For example, a social media quiz scam targeted employees of a large tech company in early 2021. The quiz asked employees to provide personal information, such as their name, birthdate, and job title. The scammers then used this information to create fake LinkedIn profiles and reach out to other employees of the company to gain their trust and steal sensitive information.
More recently, in 2022, a social media quiz scam targeted customers of a popular retail chain. The quiz asked customers to provide personal information, such as their name, email address, and shipping address which the scammers then used to send fake order confirmation emails to the customers. The emails contained links to fake websites that looked like the retail chain’s website so when the customers clicked on the links and entered their credit card information, the scammers stole their money.
Here are just a few of the risks that social media quiz scams and other types of Social Engineering attacks pose to businesses:
- Privacy breaches: Social media quiz scams often require users to provide personal information, such as their name, birthdate, location, friend list, and interests. This information can then be used for a variety of purposes, including targeted advertising, identity theft, and selling data to third-party companies.
- Malware infection: Some social media quiz scams contain hidden links or other content that is designed to spread malware or infect the user’s device with viruses. This can result in the loss of sensitive information, such as passwords and credit card numbers, or even the theft of the user’s identity.
- Financial loss: Some social media quiz scams are designed to trick users into revealing sensitive financial information, such as bank account numbers and credit card numbers. This information can then be used to steal money from the user’s accounts.
- Damage to reputation: If a business is associated with a social media quiz scam, it can damage their reputation and credibility. This can lead to lost customers, revenue, and partnerships.
Businesses with a larger social media presence are at an increased risk of being targeted by social media quiz scams. This is because they have a larger audience of potential victims and because scammers know that they have more to lose. There are several things that businesses can do to protect themselves from social media quiz scams:
- Educate employees, customers, and family members about the risks of social media quiz scams. Teach them how to identify and avoid scams, and what to do if they think they have fallen victim to one.
- Require using strong passwords and multi-factor authentication as well as keeping software up to date. Use a strong password manager to create and store unique passwords for ALL your online accounts. This will help to protect you from identity theft if one of your accounts is compromised.
- Monitor social media accounts for suspicious activity. Check for posts that promote social media quizzes or that ask for personal information.
- Report any suspicious activity to the social media platform and to the appropriate authorities.
- Be careful about what information you share on your social media accounts. Only share information that is necessary for your business and that you are comfortable with being made public.
- Do not click on links in social media posts or emails unless you are sure they are legitimate. If you are unsure about a link, hover over it with your mouse to see the actual URL. If the URL does not match the website it is supposed to be linked to, do not click on it.
- Be wary of any social media posts or emails that offer something of value for free, such as a gift card or a prize. These are often scams that are designed to trick you into revealing personal information or clicking on malicious links.
By following these tips, businesses can help to protect themselves and their customers from the risks of social media quiz scams. Swish is poised to help you make these changes, reach out to one of our cybersecurity experts today to find out more.