I have find out that some scammers , can access to your account just by having your Security Question / response , is it possible to check this out ?
Do you think someone has accessed your account or is it just something you have read?
@leathomas wrote:
I have find out that some scammers , can access to your account just by having your Security Question / response , is it possible to check this out ?
Of course they can.
The whole purpose of the security questions is to stop unauthorised people from accessing your account but if the hacker can answer the security questions and follow the relevant process, which I will not detail here, then they can access your account just in the same way as if a hacker gets your password they can use that to access your account.
Unsurprisingly that is why you should not divulge your security answers or your password to anybody.
You'll be surprised on how many people use their question reponse as their password .
@leathomas wrote:
You'll be surprised on how many people use their question reponse as their password .
No I am not.
There isn’t a single security question there are several, so anyone attempting to access someone else’s account by ‘guessing’ the security question answers, potentially will need to be able to answer several questions, not just 1 …..it’s unlikely that a total stranger would know the answer to 1 question let alone 4 or 5, someone with an intimate knowledge ( like a family member ) may know the answers.
Account passwords have to be a mixture of letters ( upper and lower case ) numbers and at least one special character %#£ ( that type of thing ) , so it’s impossible to think of a an answer to a question like ‘where was your first holiday abroad’ or ‘what was your first car’ fitting the password criteria.
I don’t really see how someone could use the answer to a security question , when there is more than one question ) as the account password .
There is a way to subvert the two stage security and fool the genuine account holder into passing on an access code that is sent to their mobile phone , been several posts on here about that ( unfortunately it’s easy to fall for , but the fact remains that they respond to an unsolicited ‘call’ , when they should say , something like ‘ I never asked for you to call me , I will call BT back on 0800****** , as I don’t know if you are BT or not , but that scam attempt has nothing to do with security questions.