Unfortunately, hacking has become all too commonplace. Almost daily, we read headlines about hackers breaking into banks, government institutions and sensitive databases containing troves of personal information.
Your social media accounts and those of your clients are no exception. CNN, celebrities and even Facebook co-founder and CEO Mark Zuckerberg last year have all had their social media accounts hijacked at some point for nefarious purposes.
Minimizing the issue can be broken down into three simple steps—detect, prevent and remedy.
Detect: signs you’ve been hacked
Types of hacking can cover a wide spectrum, and some of it can be very subtle, so it’s critical to regularly check your social media account for the following red flags:
- Changes to your account’s profile or photos.
- Likes, favorites, follows, unfollows or friend requests that you didn’t perform or that seem targeted at content or people you wouldn’t normally engage with.
- Status updates or tweets that you didn’t personally post. Social media tools exist to track this behavior as a feed, which is worth doing.
- Any automated notifications from a social network relating to your account that you have not triggered should be investigated, especially if they relate to changes in your password or email address.
- Private messages sent out to your contact lists. This is easy to miss, so set yourself reminders to regularly check your social profile outbox.
Prevent: minimizing vulnerability
Narrowing your exposure to social media attacks can be encapsulated in four simple, preventative steps.
- Make certain that you set a unique password for each social network, so that if someone manages to access one of your profiles, they won’t automatically have access to all of them.
- While this is obvious, it’s often overlooked: Don’t share your passwords. Several tools are available that allow you to enter passwords and share access via a web interface, without actually sharing access to the passwords themselves, meaning that others can support your social efforts without compromising the actual passwords.
- Nearly all social networks have two-factor authentication features. When you attempt to login, a code will be sent to a separate device you have pre-registered, and you must then input that code to the login page. Hackers generally won’t have access to your device, thus foiling any unauthorized attempt. Make sure your designated devices are up to date.
- Do a thorough review of any account access you may have provided via third-party applications or social logins. Sometimes this access can fall into the wrong hands long after you have stopped using the particular app. By regularly culling old access rights, you can protect yourself from an influx of unwanted social media hijacking.
Remedy: fixes after an attempted hack
Even if you’ve everything possible to prevent a hack of your social accounts, sometimes breaches will still happen. What then? First, take a deep breath and then follow these steps:
- Run a scan for viruses or malware on the computer you use to access your social profiles, and remove anything the scanner finds.
- Change your password immediately to limit further access. Make sure it is both significantly different from your previous ones, but also different from the passwords you use for other accounts. It is strongly recommended that you also change the password for any linked email addresses as an additional precaution. If the password in question is used on any other social networks and sites, you should change those passwords, too.
- Post on your social profile that your account has been hacked and that you were not responsible for changes or communications. If unwanted private or direct messages were sent as part of the hack, reach out to those contacts directly, where possible.
- If you had granted access to third-party apps, immediately revoke all access or, at the very least, review the access list and remove any you do not recognize or no longer use.
- Make sure your email address is still correct in the account settings. If not, revert it after changing your password. If you are unable to log in due to the email or username being changed, you will need to contact the social media platform’s support team in order to regain control of your account.
Remember, many brands big and small, celebrities, politicians and even your neighbors have been hacked before. Take a deep breath, don’t panic and set your sights on good preparation, and you can effectively minimize your exposure and damage.
Blaise Grimes-Viort is chief services officer at social media agency The Social Element.