Many people look for ways to build up and successfully maintain their social media profiles. Other people online, however, are looking for ways to tear down those profiles. This article will help you prevent your business social media account from being the victim of a hack.
There have been many hacks over the past few years, and this is an issue every business owner and social media manager should be concerned about. Online hackers break into social media accounts to make accounts they don’t like look bad, to steal data, or just for the fun of it. Prepare yourself, and don’t wind up being someone else’s good time!
Defend Against a Brute Force Hack with Better Passwords
Brute force hacks are some of the most common types of hacks out there. It's rumored that the hackers who started the latest string of Hollywood photo hacks didn’t actually breach the iCloud servers at all. The rumor, and I tend to believe it is true, is that each victim was targeted and had their individual passwords hacked via a brute force hack.
A brute force hack is when, essentially, a hacker users a program to guess what your password is. These tools are freely available; you might know them better as "password recovery tools."
How you make it easy for hackers is by choosing poor passwords. CBS has a list of the most common passwords. If you think any of them are cute, think again, as you could be hacked easily!
The most popular are numbers like 123456. But common words, like these, show up too:
If you’re using any of those, or some variation, please protect your social media account better than this! Try using a phrase or whole sentence that is easier to remember.
Are You Not Varying Your Passwords Between Social Media Accounts?
OK, you took my advice above and now use the password Iamtotallythegreatest1ever on all of your social media accounts. Now that’s a nice idea, but if that one password is leaked you go from losing one account to losing them all.
You can get around this by using multiple passwords, or a unique one for each account. To keep track of all this, try using a password generator tool that also manages your passwords for you:
- LastPass: Creates strong passwords, stores them under heavy encryption, will enter them for you on the social media account’s login page.
- Password Genie: A business may be better off with this one as it does what LastPass does, but adds in the ability to store other data with encryption.
- PassPack: For team environments, try using this one as it stores the multiple passwords in a spreadsheet behind encryption.
- SplashID: This mobile geared app is ready to download onto your Blackberry, Palm OS, Windows Phone, iOS and WebOS mobile devices. They supply you with a USB key for your desktop.
Your password manager won’t be worth much if it doesn’t use a series of random numbers, letters and punctuation marks to construct your passwords. I also personally never settle for less than 16 character-length passwords, and neither should you.
Ever Heard of a Fake WAP Attack?
You’re still doing good and following the above tips. But you haven’t quite prepared yourself for the Fake WAP attack. These happen at wireless access points, like at the coffee shop or the conference you’re attending.
To give you the skinny, a fake WAP — or man-in-the-middle-attack — takes place when a hacker sets up a WiFi signal that looks legitimate, but is actually there to steal passwords and other private data. They do this because so few people think to protect themselves at these moments.
To protect yourself against these attacks, use a VPN service every time you connect from anywhere outside your business. They encrypt your data completely, making it impossible for a hacker to read your data. With your information being a chore to steal, every hacker will move on to an easy target. You can find out more about the best VPN providers in this Top 10 list.
No One Thinks of Insider Threats Until They Happen
Insider threats to your company (and even bitter ex-employees) are a real threat to your reputation. One of the most hilarious examples was HMV employees live tweeting their mass layoffs on the company Twitter account.
There were plenty of LOLZ for us here on the outside, but HMV wound up looking very foolish. These types of insider threats are often ignored while everyone is on good terms, but you need to plan for the worst too.
The people over at CERT have a number of tips on insider threats, but it is point five — “disable accounts and/or connections upon employee termination” — that is of note here. you can secure your social media accounts by not giving your account manager, or anyone else who handles your company accounts, access to the account itself.
You can do this by having your account managers do their work through a social media dashboard like Hootsuite, Social Oomph, BufferApp and SocialFlow. These all in one tools allow you to maintain control over the main account, and give you the chance to shut down the employees who are about to leave before they can hijack the accounts and have an HMV of a good time.
You’re also minimizing risk because a tool like Hootsuite can have many different accounts on it, but still only one password that you give out. This is a tactic where you’re minimizing the chances for password theft by mistake as you transmit the password to you employees.
Social media hacking is a real threat, but there are ways you can help protect yourself. Have you been the victim of hacking? Or do you have any other suggestions on how to protect yourself? Let us know in the comments.