Security experts are concerned about the popularity of what has been nicknamed the “10 concerts” Facebook ‘meme’. The game asks users to provide 9 music concerts they’ve been to and 1 that they haven’t – their friends then need to try to spot which band the user is lying about. Experts have labelled the game a “gift to hackers” as it could be a way for cyber-criminals to determine a crucial piece of information about users: the first concert they went to.
The first concert a user attended is a common security question on online accounts, and the answer could hand malicious observers the key to finding out users’ passwords.
André Mouradian, Cyber-Security Education Organisation, Wombat Security, commented below.
André Mouradian:
The more connected we become, the more important it is therefore to ensure that the general public are kept constantly up to date with ways in which to protect the corporate and personal data that is stored on their devices.
From a corporate standpoint, the phenomenon of BYOD, where employees use their personal devices at work, can leave organisations open to having potentially very sensitive company information hacked. Organisations need to keep employees constantly up to date by assessing, training, reinforcing the security message, and checking how much they have learnt – in other words, in-depth security training. This will drastically reduce the number of successful attacks an organisation or an individual will be open to as they have heightened awareness. Many organisations will invest in hugely expensive security infrastructure, only to be breached by an employee clicking on a phishing email or sharing information freely on social – the moral of the story is, continuous education is crucial.
My top tips to keep passwords safe would be:
- Be careful about who you allow your information to be shared with, as well as who can see your page and posts. These precautionary methods are massively important and a lot of the time should be pure common sense.
- Use a different password for every website that you use.
- Use a combination of upper case, lower case, numbers, and symbols.
- Change your passwords every three months, at least.