Protecting Your Company from the Hack

There is no bigger social media nightmare than the hack of your account pages. Your profiles often become completely inaccessible, you lose total control of your company’s messaging, and sensitive information is exposed— posing a serious security threat to your employees and clients. Although social media is an incredibly valuable tool for reaching possible pest control customers and spreading awareness of your services, it’s crucial to mitigate the risks involved by putting safeguards in place to prevent a breach.

Social media hacks can happen to companies of any size, and resuming control of your pages and undoing the damage can be much more of a challenge than you might expect. The necessary site contacts might not be directly accessible, or located in a different time zone, making preventing attacks in the first place all the more important.

With each additional social site or network your company adds to its online presence, the opportunities for hackers to crack into your accounts increase as well. These days, it seems like every week there is another brand making headlines for all the wrong reasons as their social assets are compromised, affecting their perceived level of professionalism amongst consumers.

The list of companies that have fallen victim to malicious hacks is extensive and includes such high-profile brands as Delta, Crayola and Newsweek. Earlier this year, a hacker took control of Delta’s Facebook page and shared offensive links; the company was not able to regain control of its page for nearly an hour. Crayola’s Facebook page has also been hacked, with the perpetrator sharing explicit links to R-rated sites throughout the day—posts that were extremely offensive and alarming to the fans who are mostly mothers with younger children. On Twitter, Newsweek’s page hack resulted in the posting of threatening messages to President Barack Obama’s family and even references to ISIS.

Hacking Case Studies

In August 2015, the Facebook pages for a number of the University of Michigan’s most popular sports-related pages were hacked and subjected to malicious postings. Page administrators were not even aware of the hack until their Facebook fans began to reach out to notify them, and within three hours, online news outlets had picked up the story and included screenshots of the content.

The school’s site administrators lost complete access to the accounts, and it took hours before they were able to connect with their contacts at Facebook to remove the hacker’s access. The entire University of Michigan’s social leadership team was instructed to change all account passwords and asses all third-party applications with access to publish on the pages. Eventually, it was discovered that the suspicious activity was linked to an employee’s personal Facebook account. The hackers had sent a Facebook message to the employee requesting that they fill out a form intended to resemble validation of the site’s credentials. Once the hackers had this user’s personal information, they were able to access all the pages for which the employee had administrative privileges.

Instagram star, Sarah Philips, a user with nearly 400,000 followers, detailed the hack of her account through her web server to Business Insider back in July of this year. Philips said the hackers called the company managing her web server and were able to correctly answer the basic security questions, eventually giving them the ability to redirect her email so that all messages were sent to an account controlled by the hacker. They were then able to reset the account password, after which they posted offensive content, including a swastika, to Philips’ followers. Despite being a top user of the site, it took Philips five days of calls and research to regain control of her accounts, and she never once heard directly from Instagram during or after the hack.

Protecting Your Social Assets

While these social media horror stories may be alarming, they aren’t unusual. The good news is there are steps you can take to prevent mistakes that may threaten your account security.

1. Don’t Be a Password Slacker:  Site passwords are the single most important part of your defense against hackers. Passwords that are simple and easy to guess leave your accounts vulnerable. Hackers can easily put combinations together of your name with other easy-to-find details, such as your date of birth, to figure out your password. Another common mistake is using the same password for all of your accounts. Once a thief has access to one account, they’ll have access to everything, creating a much larger headache. It is also important to regularly update all passwords, ideally on a quarterly basis.

Check out tools like LastPass for assistance with generating strong passwords and securely storing them in an encrypted vault. LastPass will prompt you to save user name and password data for new sites as you browse, and then autofill logins when you return to sites. The site stores all your data as well, allowing you to edit, delete and organize log-in information.

2. Be Careful What You Click: Learn how to spot malicious or spam links that could allow hackers to phish information, whether in emails, on Facebook Messenger or through third-party applications. A quick look at a company’s social media accounts can give hackers a good enough idea of people’s names and other personal information to successfully pose as a legitimate contact and request sensitive data from employees, such as account passwords.

Additionally, avoid using public Wi-Fi networks whenever possible, which can serve as easy entry points to your computer. If you frequently need to use public networks, for example at airports or cafes, install and frequently update security software that will protect your accounts and alert you to any suspicious activity.

3. Become an Informed Social Media User: Educate yourself and any of your employees with access to social media accounts on social media security best practices, privacy updates for any platforms your company uses and how to avoid becoming victims of a hack. It’s common for companies to rely on interns or freelance social media experts to handle the content on account pages. Make sure everyone involved is aware of the rules and your company’s security standards, because all it takes is one weak link for a hacker to gain access to your pages. If possible, limit the number of people who are privy to your social site’s log-in information.

If you have a company Facebook page, the site has recently released Business Manager, a new, more secure tool for managing your Facebook account. Business Manager is ideal for companies who need to give account access to multiple people. You are able to clearly see who has access to your pages, and remove or change their permissions.

A hack can happen to anyone, and as your customers become increasingly more tuned in to your company’s online presence, it is vital to protect your accounts from malicious activity that could damage your reputation. With these tips, your social media accounts will become a safer and more valuable tool for spreading your company’s message.