The Facebook concerts quiz generally involves challenging friends to guess which one of 10 listed performers the poster hasn’t seen live.
The headline from The State newspaper in Columbia, South Carolina, said it quite well:
Did you post 10 concerts to Facebook? You may have revealed more than you intended
The idea — which has taken many forms since the original started spreading like wildfire — is that you list 10 musical acts that include nine you’ve actually seen and one that you haven’t. I’m not a concert guy, so I changed it to celebrities I’ve met in person and had people guess which one I hadn’t.
It could work for cities you’ve visited, movies you own on DVD, dog breeds you’ve owned, or virtually anything that comes to mind.
But you have to use common sense when you post something like that.
The State’s article quotes a national security and privacy expert who advises “vigilance bordering on a little paranoia” in online posts.
So what’s the big deal?
CBSPhilly reports the concern involves giving potential hackers too much information about your musical tastes, which could then lead them to send you links to “free concert tickets” for bands you’ve listed as being among your favorites:
“You click on it and then you’ve downloaded malware or a virus and they have access to your network.”
The other potential pitfall involves the names of those musical acts.
Think back to the last time you set up an online account for a credit card or bank: you were likely asked to create a password and then to select and answer two or three “security questions” to help you recover your account if you manage to forget that password.
A common security question might be, “Name the first band you saw in concert.” or “Who is your favorite musician?”
If you haven’t been to that many concerts over the years, chances are one of the nine “valid” acts on that list might well be the answer to that question. Even if you attend as many concerts as you can, your favorite will probably make your list, and unless your first concert experience was a lousy one, that one could as well.
That potentially gives would-be hackers the chance to correctly answer a security question and get into your account.
If you insist on engaging in that kind of meme, experts say, you should at least make sure your security settings are set to “Friends Only.”
As long as you trust your friends!
For the record, since I’ve hardly ever attended concerts, that’s not one of my security questions for banking accounts. But for that same reason, you likely won’t see me posting lists about my favorite teachers or the favorite nicknames for family members.
Yes, sometimes, a little common sense goes a long way.