ACFE Insights Blog

Engagement Baiting, Data Mining and Your Personal Data

Engaging in clickbait quizzes could lead to providing hackers with enough information to bypass common security protocols on your personal accounts.

By Kate Pospisil, CFE February 2023 Duration: 3-minute read
Please sign in to save this to your favorites.

The first thing to admit is that we’ve all probably done it. There, secret’s out. What is it, exactly? We’ve commented on one of those posts or clicked on one of those sites asking for seemingly inconsequential information in order to determine our elf name or which alcohol goes with your personality. Even seemingly more innocuous, “Who is your favorite actor?,” “How long have you been married?” or “What movie can you watch over and over again?” Most of these clickbait quizzes appear harmless at the surface, but the more often you respond, the more you inform social media algorithms that in turn show you similar posts more frequently.  

Information sharing like this becomes dangerous when you provide personal details that you never thought could be harmful. Everyone has signed up for something online, created an account name and password, then been asked to provide security questions such as naming the city where you were born or what your high school mascot was. Suddenly, that post you commented on that said “Where you’re from says a lot about who you are. What does it say about you?” takes on a whole new meaning when you realize you responded with, “Austin says I’m quirky!” You’ve given data miners the answer to one of the most oft-used security questions! 

If you have ever answered one of these questions on social media, first of all, don’t panic. Second, never ever do it again. Even if it comes across as the most innocent question in the world, you’re teaching complex algorithms that you will likely continue to interact with these types of posts. The more you interact with them, the less attention you pay, and the more likely you are to give away information you shouldn’t. That information may not be on the first or second post you respond to, but over time, you will provide hackers with enough information to bypass common security protocols on your personal accounts. Your data is at risk of slowly being compiled by criminals on social media to determine your answers to security questions.  

How to Protect Your Personal Data 

The number one way to protect yourself and your loved ones from social media data mining is simple: Never click, respond to or share these spam posts. 

Any interaction you give these posts will show up on the feeds of your friends and followers, thus creating a wider pool for potential criminals to invade. If a loved one responds to one of these posts and it shows up on your feed, DO NOT respond to their comment as this will re-engage the algorithm. Just ignore the post or message the person privately to share this information with them. The more comments a post receives, the more likely the post is to spread. This engagement baiting is how these data miners gain access to more and more people by the minute. Stop the spread! 

For a deeper dive into how and why these simple posts are dangerous, this article provides more information on what and who to look for, how to protect yourself and others and who to be suspicious of.