PITTSBURGH (KDKA) – The “10 Concerts” phenomenon has taken over Facebook, but security experts have a warning about the posts.

You’ve probably seen the posts circulating on Facebook, they’re titled “10 Concerts I’ve Been to, One is a Lie.”

Users make up a list of 9 concerts they have actually attended, and then one that is made-up, asking their friends to then guess which concert is the fake.

Security experts are warning social media users that while the post may seem like fun, it could actually pose a threat to your security or online privacy.

“These ‘fun’ questions have a limited potential for revealing password usage,” says Andrew Richards of Fraud Investigative Services, LLC in Pittsburgh.

You’ve probably seen the question, “What was your first concert?” posed as a security question to help identify you.

“Once a person is used to participating in these postings, the questions may become more targeted towards security type questions,” Richards says.

The other issue that these quizzes present, is the possibility of being targeted through social engineering.

By answering the question you could open yourself up to targeted ads based on your age, your musical tastes, religious affiliations.

“When these questions become more viral, users become less sensitive to what they open, and the scammers start adding viruses,” says Richards.

Richards also reminds users that security questions do not require honesty, just an answer that is recalled when needed.

“If a security question asked, ‘What is your favorite pet’s name?’ You could answer TRex. It doesn’t matter, but it’s better than using real names,” Richards says.