Why you should be wary of Facebook quizzes

Those quizzes on Facebook are fun, and most are harmless. But some can be dangerous.

If you’re ever prompted to allow an app access to your Facebook, or to log in with your Facebook credentials in an app or website, you should pay attention to what you’re authorizing that app to access.

Apps are developed all over the world by all sorts of people. You may have a higher level of trust in an app from a developer like Apple, Inc, and a lower level of trust in an app made by some kid in his basement.

Apps link to each other and share information, through a process you control. The information they share is stored in a variety of databases – some transient, some persistent.

Many of these databases are the targets of hackers. Or worse yet, they’re sold by unscrupulous app developers to spammers and phishers.

When you authorize an app to access your Facebook, you should measure the risk. To do this, compare what the app wants access to with the potential of that app to be either nefarious or easily hackable. If it only wants to access your public profile, that’s generally harmless. If it wants to access your friend list, that means the names of all your friends will be shared with the app. If it wants to access your timeline, that means it gets anything you’ve ever posted to your “friends.” The same goes for photos, etc.

Now, you don’t want to live in fear. But consider minimizing your security footprint: the larger the footprint, the larger the target.

Keep a small footprint:

  1. Don’t put things on Facebook you wouldn’t want to get “out there.”
  2. Be as informed as possible, and be selective about which aspects of your Facebook you grant apps access to.
  3. Regularly remove apps you’ve given access to that no longer need it.

Check out the screenshots at the top of this post for more illustration.
