Cybercriminals like to target small businesses’ social media accounts—here’s how to keep your accounts safe.
If you own a business, you're using social media in some form or another to market your business because it's hard to resist the allure of free marketing or advertising that social media brings.
However, it's important to be aware that cybercriminals know that individuals and smaller businesses don't have systems in place to keep their accounts safe, so it's important to secure your social media pages.
Why Do Hackers Attack Social Media Accounts?
Cybercriminals like to target your online accounts because you're unlikely to update the passwords. If they gain access, there are several ways they can profit. Initially, a cybercriminal might make a fake account using your picture and duplicate some of your posts. Then they will send friend requests to your network, to see if they can lure your connections into connecting. Once they gain some traction, they will send phishing messages to your connections to see if they think it's you sending the message—making it more likely your friends will fall for a scam that's designed to trick them out of money or personal information.
Another tactic crooks use is to outright hack into your social media account. Once in, they can use credit cards that are associated with your account to run up charges and can use your account to send out phishing emails to your connections.
If your account is hacked, there is no way to regain access because criminals will change the password and any multifactor authentication (MFA) you activated on the account. You will also lose access to any business pages that are connected to your personal account.
How Do You Stop Social Media Hackers?
The best defense is a great offense, right? The first step is to find out what information of yours is floating on the dark web. Data breaches occur all the time all over the world and from companies that you normally do business with and share information with.
One great resource is the “';--have i been pwned?" website, which will tell you if your e-mail and password information is floating around in the dark web. If you discover it is, you need to identify which online account was breached and change the password for that online account, as well as any other accounts that were using the same password. Cybercriminals love it when people use the same passwords for more than one online account.
Speaking of passwords—generating unique, unguessable passwords can be a pain in the butt, but they are one of the most important things to keep your online accounts safe. Remember, social media account login screens are accessible to anyone in the world with a device.
A password that is only a common word, like “december" takes about 18 milliseconds for a computer to crack, according to Use A Passphrase. Simply upgrading to a passphrase of four or more randomly chosen words—for example, “mergers decade labeled manager"—can take 6,000,126 centuries.
MFA is also a critical factor to keep your social media safe. If someone tries to access your account with your password, you'll get an alert via text or email to verify you're trying to log in. If you're not, you're given the opportunity to deny the log in attempt and change your password.
In today's digital age, it's almost impossible for you to remember every password and passphrase for all of your online accounts. Your best bet is to use a password manager to store them. There are many password keepers on the market, but it's probably best and more convenient for you to use the password keepers built into your favorite web browser.
Burton Kelso is a TEDx speaker and keynote speaker on technology and cybersecurity and is the owner and chief tech expert at Integral.