I admit the title sounds a bit dramatic, but I think it’s worth a look at what information you are inadvertently giving away in the name of harmless fun.
Little Twinkle Fart Pants.
Sound familiar? No? Read on. Little Twinkle Fart Pants is my Fairy name, when I take the month of my birthday, the initial from my surname and the number of my house. Sound familiar now? Anyone who is on Facebook is probably now nodding, accompanied with an ‘Ah, yeah!’.
They are mightily popular, penny a dozen and admittedly can give out some hilarious results.
How is this related to security?
Hands up who has online banking? Banks need layers of security to keep your hard earned pennies safe and one way is to employ (those very annoying) security questions. What is the name of your first cat? What City you born in? What is your mother’s maiden name? Any of these ringing a bell? These questions are like gatekeepers, they stand in front of those dubious members of society who plan to rob you blind, and challenge them to a duel. If the bad guys can answer them correctly then they’ll gain entry to the pots of gold i.e. your money.
Now you might be thinking that I didn’t give away any of that information in my example. And you are right, but combine that with my Elf name, unicorn name, gnome name … you get the idea. Each has a slightly different criteria. So it’s the letter of your City, or your first name of the year you were born.
Once you’ve done a couple of these the information that can be complied is building up nicely. But it gets worse!
What else to watch out for?
The ‘game’ above is quite limiting, but there are ones that are far worse. While the concept is same; to create a hilarious and usually embarrassing nickname. The personal data you can give out is much wider in scope and much most beneficial to our would be thieves.
Create your Mermaid name. Take your first pets name, followed by your favourite colour and your favourite animal and you get “Ziggy Pink Mouse” (This isn’t really mine).
Look at that and you can see I’ve given out 3 vital pieces of information. Companies ask for this type of information either when logging in or when trying to request a forgotten password for example. So this isn’t just about banking it is anything you have an account for; your various social media, other financial institutions, shops where you may have your card details saved and even your email.
Then there are the innocent looking comparative surveys, that implore you to share with friends and compare your achievements. These aren’t based in fun but based on the natural competitive nature we all have. They are simple a list, sometimes in excess of 20 questions, about your whole life. Can you drive, what year you got your license, ever been in a helicopter, have you met a famous person? All seem innocuous and irrelevant but interspersed in there are the questions that pull out the real information. How many siblings you have, where you were born, your mother’s maiden name, if you have a pet, your favourite colour. All things that security questions could be based upon.
At the end of them you may have to nominate 5 friends, or a there’s a message ‘Copy and paste this to your timeline to compare with your friends’. These hooks bring the competitiveness out even more and people don’t want to appear to be letting the poster down by not taking part after they sat and read their answers.
What can you do?
Easiest thing and safest thing to do is do not take part in games and surveys of this type, be wary of anything that is asking for personal information.
Something else to consider is to not answer the security questions truthfully when setting them up. Will it matter? No. They aren’t there to prove your actual identity or eligibility, they are to make it easier to remember the information, if you need to recall it. This is why it’s often the the ‘first of’; pet, car, school.
You could entirely fabricate a set of details, adjust them to use the last of instead of first, hated instead of favourite or base them on a favourite character. As long as you can remember them they can be whatever you want.
Important: Please don’t mix this up in instances where you are going to be credit checked or have your identity confirmed from official purposes.
Be sure you periodically check your privacy settings on your personal social media accounts. When they are initially released, new security policies and features can sometimes give access to things you’d rather be private, leaving the onus on the user to notice and change them. Keep your social media accounts as closed as possible. Make use of the facilities they have in place allowing you to look at your page as a friend, then as a stranger and adjust your setting where necessary.
Rule to live by.
If you wouldn’t be happy sharing the information with a stranger, who randomly turned up at your door; don’t share it online.