Media Release

This is why you shouldn’t just click on online quizzes

Online quizzes or personality games that appear on your social network feeds are boredom busters and sometimes fun to play. They entertain you with just a couple of clicks and seem completely harmless. What could be so dangerous about finding what kind of fairy tale princess you are? Or what kind of boss you are based on your spirit animal?

But most people forget to read the fine print. What you don’t know is that these developers are collecting your personal data and monetizing it by selling your data to companies for profiling or, worse, to hackers who can use the data for identity theft.

Be wary about opting in to such schemes by remembering the following Be Aware tips from PSBank:

Online quizzes may carry malware. Clicking on the game’s link may also download malware into your device without your knowledge. Such malware could be designed to gather sensitive information from your device—including bank account login details and other personal information that the hackers can use to steal your identity online. Another malware could redirect your internet access to legitimate websites by intentionally pointing your browser to phishing sites that look like the authentic site but is designed to collect your login details and browsing habits.

You give more than just your “answers.” By playing the free game, you explicitly allow these firms access to your public profile, email, friends list, etc. Whenever you submit your answer, you help these firms create a more accurate and personalized profile about you. This is one of the reasons why you often stumble upon advertisements and spam messages that match your pool of interests. That wasn’t a coincidence.

It attacks your friends on social media, including your family. The same malware that you inadvertently downloaded from clicking on the online quiz could also send spam and click-baits to your list of friends and family in your email address book or social network account, infecting their devices as well if they too fall for the scheme.

“Nothing on the internet is truly ‘free,’ said Dan Duplito, first vice president and CISO of PSBank. “If not with real money, you are still paying with your privacy, habit profile or network identity when you opt in to ‘free’ online services because you either need to sign up with your personal email or implicitly through your Facebook profile if the service is offered by the social network through your feeds. Be cautious and always check the data privacy policy of the free service that you’re about to use and know how your data will be used. Always be careful who you trust your personal data within the internet.”