Windscribe VPN CEO warns your favourite Facebook quizzes are actually
stealing your bank details
Date:
Mon, 22 Jun 2026 13:13:56 +0000
Description:
Think those viral social media personality tests are just harmless fun? A top cybersecurity CEO warns that they are actually highly effective phishing
traps designed to steal the answers to your bank's security questions.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Windscribe CEO warns social media quizzes can harvest data to bypass knowledge-based authentication The 'fun' prompts often perfectly mirror bank security questions Experts advise users to treat them as a second password by lying We've all seen them pop up on our feeds: "What's your 90s sitcom character?" or "Discover your stripper name!" But while these social media quizzes might seem like a bit of harmless fun, they are actually acting as a massive phishing net.
That's the warning from Yegor Sak, the founder of one of the best VPN providers, Windscribe . According to Sak, these viral personality tests are carefully crafted to harvest the exact answers that financial institutions
use to verify your identity. By wrapping standard bank security questions, like your mother's maiden name, your first pet, or the street you grew up on, into a gamified social media post, attackers are tricking users into
willingly handing over the keys to their accounts. The dangers of Facebook quizzes The success of these quizzes comes down to psychology rather than advanced hacking techniques. The questions are cleverly disguised to disarm your natural skepticism.
"If a stranger walked up to you on the street and asked for your mother's maiden name, your first pet, and the street you grew up on, you'd walk away," Sak explained. "Wrap those same questions inside a 'Which 90s sitcom
character are you?' quiz, and people happily type the answers into a database owned by someone they'll never meet." You may like Looking for a job at Meta, Disney, and Spotify? It could be a scam, NordVPN warns Hackers target
LinkedIn accounts with devious new phishing attack AI can tell a lot about
you just based on the overall patterns of ads you see
Sak describes every completed quiz as "a credential reset form for a stranger."
Asking for a mother's maiden name directly puts people on the defensive, but asking for a silly combination of a first pet and childhood street gets a laugh.
"Same data. One feels like an interrogation. The other feels like a game.
That gap is the entire attack surface," said Sak.
This isn't just a theoretical threat. Back in 2020, a major investigation by the UK's Information Commissioner's Office (ICO) confirmed that personality-style apps on social platforms were harvesting data from tens of millions of users, many of whom had no idea their information was being collected.
"Most people have been quietly handing over the keys to their bank accounts for the better part of a decade," Sak noted, "and they think they're just having fun on Facebook." What to read next Hackers are using TikTok videos offering 'free Spotify Premium' to spread malware and steal passwords HP
warns hackers are turning popular remote access tools into dangerous,
stealthy backdoors How to use a VPN to stop hackers and scammers Today's best Windscribe deals Windscribe 1 month $9 /mth View We check over 250 million products every day for the best prices How to protect yourself (and why you should lie) So, how do you spot a trap? Sak says the danger lies in the type of information requested.
"Any quiz asking for a name plus a memory is a red flag," he warned. "First pet, first car, first school, the street you grew up on, mother's maiden
name, favourite teacher. If a quiz is collecting four or five of those in one round, it's not a personality test. It's a security questionnaire with stickers on it."
Because a leaked password can be changed in seconds but the name of the
street you grew up on cannot, Sak recommends a simple but drastic fix for knowledge-based authentication: lie.
If you've ever filled out one of these quizzes, you should immediately update the security questions on your bank, email, and brokerage accounts. Treat the answers like a secondary password by using random, fictional responses.
"The data is gone," Sak concluded. "The only thing left to do is change your security answers everywhere, and stop using questions whose answers exist on the internet." Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
======================================================================
Link to news story:
https://www.techradar.com/vpn/vpn-privacy-security/windscribe-vpn-ceo-warns-yo ur-favourite-facebook-quizzes-are-actually-stealing-your-bank-details
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)