24 Mar How to Protect Your Social Media Accounts From Hackers
Your small-to-medium-size business is on the right social media platforms for reaching your target audience – and you’re posting quality content to engage them. But are you protecting your social media accounts from hackers? Attacks on high-profile social media accounts frequently make the news, raising awareness of this ever-present risk. Unfortunately, your enterprise doesn’t need to be a Fortune 500 company to become a target. All it takes is a malicious competitor, disgruntled former employee or unsatisfied customer with hacking know-how.
Assuming your business is brick-and-mortar, you have an alarm system. Hopefully, you don’t just lock the door at the end of the day and depend on that to prevent a break-in. No business owner believes their shop is too small to attract the attention of a thief. While a burglar is looking for cash and whatever merchandise they can grab, a hacker is out to damage your reputation – if not put you out of business – gain access to your business’s data, and perhaps even the personal data of your customers. Here are some recommendations on how to keep your accounts, your social media visitors, your customers and your business safe!
Secure Your Social Media Accounts Like You Secure Your Store
Providing layers of protection at each point of vulnerability is important in building an effective defense. Common security risks include the following:
Weak passwords – Coming up with impossible-to-guess passwords is an effort, especially if your business has multiple social media accounts. But it’s essential that your account login information is strong and secure. A password should be 12 to 16 characters long, consist of random combinations of upper and lowercase letters, numbers, symbols and punctuation and should have no relation to your business – such as industry, location, etc. Set up two-factor authentication for even greater security.
Not understanding or using privacy settings – Each social media platform features privacy settings for both private and business accounts. Read your privacy setting options carefully when you create your account, and activate all that apply.
Using public Wi-Fi – Even if your business social media accounts weren’t a factor, the security risks of using public Wi-Fi for your laptop and mobile devices should be well-known by now. A hacker can create a Wi-Fi network with the name of your location – Starbucks, for example – which wouldn’t raise suspicion. But as soon as you connect, your information and work are accessible to the hacker. Public Wi-Fi can also expose your device to viruses and malware.
Phishing attacks and scams – We’ll cover this in more detail later, but vulnerability to these types of risks typically result from inexperience and nativity in the ways of social media. They also play upon the tendency of human nature to want something for free, state an opinion, or to get in on a “good deal” or “next big thing.” Reporting for Hootsuite, digital marketing writer Christina Newberry cited “employee weakness” as responsible for 20% of cyberattacks, according to the EY Global Information Security Survey.
“Something as simple as clicking on the wrong link or downloading the wrong file could wreak havoc,” Newberry writes. “Some online challenges and quizzes can also be problematic. By completing them, employees can accidentally create social media security issues. Those ‘learn your elf name’ and 10-year-challenge posts might seem like harmless fun. But they can actually provide scammers with information commonly used to hack passwords.”
When in doubt about the source of a link, hover your mouse over it. A legitimate link will indicate the page’s URL. If it displays a URL from a different source or looks questionable, leave it alone!
Also, do not click on the following types of “red flag” suspicious links. If other employees are involved with your social media accounts, instruct them, as well. Again, more on this coming up soon:
- Clickbait wording and content – such as a sensationalistic topic.
- Quizzes, surveys and polls about popular topics.
- Contest and sweepstakes links from non-verified or non-official accounts.
Vulnerable third-party platforms and apps – As reported by Reuters, Twitter accounts associated with the International Olympics Committee were hacked via a third-party analytics app.
Fake and imposter accounts – It isn’t difficult for a hacker to create a social media account that looks like yours – or the account of any other reputable business, organization or individual. Twitter allows certain accounts to be verified. Its blue Verified badge lets people know that an account of public interest is authentic, which reduces the risk of engaging with an imposter account. Newberry provides the following eye-opening statistics:
- LinkedIn’s Community Report of 2021: January-June notes that LinkedIn took action on 21.6 million fake accounts during that time period. The majority of those accounts (95%) were automatically blocked at registration – yet more than 67,000 were only addressed after members reported them.
- Facebook estimates that about 5% of monthly active user accounts are fake.
“Imposter accounts can target your customers or potential recruits,” Newberry writes. “When your connections are tricked into handing over confidential information your reputation suffers.”
Unattended/abandoned social media accounts – Many businesses open social media accounts in a flurry of activity. Eager not to miss any opportunity, it’s common (if you’re not working with an agency specializing in social media) to open an account on every major platform. However, you soon find that you get more engagement on some platforms than others, and stop posting to the underperforming accounts. Hackers can target such accounts and start posting their own messages under your name.
“Once they gain control, hackers can send anything,” Newberry writes. “That could mean false information that’s damaging to your business. Or maybe it’s virus-infected links that cause serious problems for followers. And you won’t even notice until your customers start coming to you for help.”
Our blog post – “Why You Should Kill Your Zombie Social Media Accounts” – covers additional risks of keeping unused accounts open.
How to Educate Yourself and Your Employees About Social Media Hacking Risks
Now for what we’ve been leading up to – making sure that everyone involved with social media in your business knows how to recognize and avoid falling for phishing attacks and scams, as well as how to observe other basic best practices! If you’re a one-person enterprise, at least you’re responsible only for educating yourself. Should this be the case, be aware that new security threats come up frequently. Keep your eyes open and ear to the ground to be proactive in preventing a hack attack!
- Create a company policy with specific steps and requirements for how to secure social media accounts. Rules should state who has access to the accounts, and expectations for how to prevent security breaches. The policy should also include information about who to notify if social media accounts are compromised.
- Instruct those involved with your business’s social media accounts to recognize phishing expeditions and scams to avoid falling prey. As these types of attacks are so common, this point needs to be emphasized.
- For larger companies, inspect page roles and who has access to accounts. Business News Daily recommends periodically sweeping your account to see who has access and ensure that all roles are properly assigned.
- Change passwords when an employee leaves the company – even if on good terms.
- Keep your guard up. Online technology changes rapidly. It only takes one click on a link to a sketchy account out of curiosity to trigger an attack. “Social media security threats are constantly changing,” Newberry writes. “Hackers are always coming up with new strategies, and new scams and viruses can emerge at any time.”
The Take-Home Message and Our Blatant Self-Promotion
The next time a business’s hacked social media account makes the news, don’t assume that yours is too small to be a target. Every enterprise needs a well-planned, well-executed social media account security strategy to protect its reputation, data and customers.
Yet as you’ve learned, there are many steps involved, and security is an ongoing process. Since you’re busy running and building your business, let us handle all of your social media marketing – as well as your website design, website redesign, SEO services, pay-per-click marketing and so much more! Virtual Stacks Systems is a full-service digital marketing agency that’s ready to be your partner in success.
Contact us to learn more and get started!