As a social media manager, you have a million things to think about every day. Creating campaigns, organizing graphics, responding to fans and of course posting, tweeting and uploading.
Unfortunately, when it comes to social media hacking and account security, you will probably only think about it when it’s too late.
A hacked account can cause massive embarrassment to your brand, lose you followers, get you banned from networks, and even land you in legal trouble. That’s because you are responsible for the information you put out from your channel.
Before you say, “it won’t happen to me”, keep in mind that the last few years have seen cyber attacks rise and target well known figures and brands.
1. Game of Thrones
The popular TV series Game of Thrones on HBO has nearly 7 million followers on Twitter — making it ripe for the picking where hackers are concerned. In August of 2017, a group called OurMine appeared to take control of the main HBO accounts, including the Game of Thrones feed.
OurMine has a reputation for hacking high profile Twitter accounts. In fact, it recently hacked Facebook co-founder Mark Zuckerberg, Netflix, Google chief executive Sundar Pichai and Wikipedia co-founder Jimmy Wales.
2. Amnesty International
When it comes to social media hacking, there are many reasons someone may take over your corporate account. Some hackers are motivated for monetary gain, others as a personal vendetta or mischief — or some for political reasons, as in the case with Amnesty International.
Recently, several high-profile Twitter accounts were hacked by an anonymous group. Accounts such as The European Parliament, Forbes and Amnesty International fell victim. Amnesty International and Unicef USA saw their social media accounts tweet a message in Turkish that read:
“#NaziGermany #NaziNetherlands, a little #OTTOMAN SLAP for you, see you on #April16th.”
3. United Stated Central Command
If there’s one account you don’t expect to fall victim to social media hacking, it’s The United States Central Command!
The US Military Central Command were hacked by CyberCaliphate, a group supporting ISIS. The hack consisted of two videos which were uploaded to the official YouTube channel entitled “Flames of War Isis Video.” And “O Soldiers of truth go forth.”
On an even more serious note, documents were also released via the Twitter account which, although deemed “non-classified,” still had the potential to damage national security. Whilst the account was eventually recovered, it was still an embarrassing slap in the face for the Pentagon.
If social media hacking can happen to them, it can happen to you.
So, let’s take a look at how you can prevent social media hacking on your own brand account.
1. Get Alerted About Suspicious Activity
As a social media manager, you need to have eyes in the back of your head and not just for fan comments and media monitoring.
You need to keep tabs on suspicious logins and get an early detection on anything suspicious. Consider installing intrusion detection apps on your phone. These apps will detect suspicious activity and unauthorized access to your online accounts.
One app to try is LogDog which serves as a security system for your personal and company accounts.
LogDog checks for suspicious activity and sends an alert to your phone so you can take back control of compromised accounts. The app currently monitors Facebook, Yahoo, Twitter, LinkedIn, Gmail, Evernote, Slack and Dropbox.
This is a big one and something that costs you nothing to implement.
I’ve worked with brands who leave social media passes on desks, written on whiteboards and even shared on uncontrolled servers. This is a big fat NO because the more people who have access to your accounts, the greater the risk of social media hacking.
Remember too that current employees might not hack your social media accounts, but ex-employees might! By using a social media management tool like Agorapulse, you can grant specific employees access to specific accounts. You can easily add or remove them, assign roles and change passwords easily if you need to.
On the subject of controlling social media access, employees should always use a work email address when signing up for company social media accounts. Trying to gain back control when an ex-employee owns the account on his or her Gmail is hard!
2. Pay Attention To Risks
As a social media manager, you need to be aware that the risks of social media hacking are all around you and you can prevent most of them.
- Always log out of your social media accounts after use.
- Clear your cache regularly.
- Put a screen lock on any phones with social media access.
- Don’t leave your phone lying around in cafes, bars, or public spaces.
- Be careful when clicking on unknown links.
- Train your employees to prioritize social media account security.
- Always remove ex-employees from your accounts and change passwords – even if they parted on amicable terms.
Sometimes, we can get a little complacent, especially when we are busy with other things. However, mitigating these basic risks will minimize your risk of social media hacking.
Working with well-known brands (as well as my own) has taught me that you need a social media policy in place. Before you sigh that this is yet another thing you need to do… relax. This is not a lengthy process.
Social media policies are a way to ensure that your whole team is following the rules. Your policy may include any of the following points:
- The tone and style of your brand on social media
- Who is responsible for answering/posting/updating accounts
- How to effectively monitor the accounts
- Ways to avoid spam, phishing attacks, and social media hacking
- What to do if your account is hacked or compromised
- Who to contact in the event of a PR crisis or account compromise
- The name of the spokesperson for PR crisis management
- How to protect social media accounts from hacking
As director at Contentworks Agency, I often provide big brands with social media training. Doing this gives employees the chance to ask questions and learn more about the importance of preventing social media hacking.
We usually look at examples of big brand fails and discuss ways they could have been prevented.
5. Run Regular Security Checks
Running regular security checks on your accounts is a great way to stay on top of your social media security. I like to do this monthly for all my social media accounts and the ones I’m managing for other brands.
Again, this doesn’t need to take hours, but you may find flaws in your security that you didn’t know existed.
Here are some of the things you should be checking for:
- Connected Apps – check which apps are connected to your Twitter or other social accounts. Did you connect them and are they reputable?
- Users – Are you happy with all the admins on each account or are any of them ex-employees or agencies you don’t work with anymore?
- RSS – If you have an RSS feeder linked to your Twitter, run a quick check to ensure that the feeds are all coming from reputable sources.
- Fake Accounts – Run a quick search to ensure that your brand is not being impersonated by another account. If you find anything suspicious, report it to the site.
- Check your Agorapulse user panel – Log in and look at the users to ensure that the team is still correct for each brand you manage.
- Change passwords – Changing passwords on a regular basis is important. You should also avoid using anything obvious like the name of your brand, your name or the usual “Twitter123”. You know who you are!
Social media hacking is a very real threat for your brand but it’s one you can usually prevent by taking some precautions and being proactive. Did you ever experience a social media hack? Tweet us and let us know.