This Facebook status update game might actually pose a security risk

The “10 Concerts I’ve Been To, One is a Lie” status update trend that has been sweeping Facebook might seem like an innocent game, but there could be something unintentionally sinister about it.

For those who haven’t seen it on their timelines, the format is simple. All you do is share a list of 10 music gigs: nine of which you’ve been to and one that you haven’t. The fun is that your friends have to comment on the status, guessing which concert is the odd one out.

Security experts think this could pose a risk. The first concert you attended is a common question for bank accounts – making it easier for a hacker to work out what your personal answer is and access your details.

However, this danger is only moderate, because not all websites use your first concert as a security question. The greater danger comes from social engineering.

This is when cybercriminals can find out information about your age, music taste, religion or other identifying details through your online activity, which they can then use to compromise your online security.

Software engineer and security researcher Alec Muffatt told the New York Times there are two sides to fun games like “10 Concerts”.

“They are cute, a little bit fun, you learn new things about your friends, and sometimes you get a surprise or two,” he said.

But on the flipside: “There are certainly also polls that are geared towards collecting information which could be used to fraudulently ‘recover’ an account.”

He advises that you should completely make up your passwords to ensure cyber safety. Common answers like your mother’s maiden name are facts, which can be found out by hackers, so you’re safer coming up with something new that can’t be deduced.