10 Easy Steps to Keep Hackers out of your Social Media Accounts.
Following on from our previous blog post about Celebrity/Corporate Twitter accounts being hacked, we'll walk you through 10 easy steps to implement that will keep your social media accounts safer and securer.
1. Use a Strong Password.
Mix it up - use numbers, symbols, upper case & lower case letters.
The golden dozen - a password with 12 mixed up characters would take a brute-force attack an approx. 7.5 million years to crack. (7 characters, approx. 9 minutes)
Don't copy & paste - use different passwords for each account. Especially your email account!!!
Make life easier - with so many passwords to remember nowadays, use a password management tool to keep your passwords safe and your life stress free.
2. Use Login Verification.
Login Verification, 2-Step Verification, Two-Form Authentication(2FA). Think of it like a safety net incase your password becomes compromised.
How it works?
When you log onto the site for the first time with a new phone/computer or other device, you'll get a pop up box asking you to enter the verification code.
Shortly after, you'll receive the follow up text/email with the code. Enter the code and you're in!
3. Limit Who has Access to the Account.
Remember the Three W's:
Who - Don't email or text the password out, ensure you know 100% who you're giving your password to, face to face being the easiest way to ensure this.
Why - Keep it to a need to know basis, Marketing/Social Media teams make sense but does the Accounts team need access?
When - Don't leave people with indefinite access, regularly review the previous two point, especially after staff have left the company.
4. Monitor Login Activity.
Most social media sites will have a "login activity" page that will list all login attempts, found within the settings.
If you don't recognise the login device, location etc then immediately stop the connection and review your security process.
After an unauthorised access attempt, it would be recommended to change your password.
5. Watch out for Phishing.
Phishing is when someone tries to trick you into giving up your social media or email username and password, usually so they can send out spam to all your followers from your account or gain financial details.
A common tactic is to tell you, your social media account has been hacked & instruct you to change your password immediately.
They might claim that you've won a contest & all you need to do to claim your prize is log in to your social media account.
Don't click on any link from unexpected emails as often, they’ll try to trick you with a link that goes to a fake login page.
6. Be wary of 3rd-Party Apps & Websites.
Downloaded a new App and it's asking you to sign into social media first? Be careful!!!
Doing so gives the apps limited access to your social media account. What is can access changes from App to App or Website to Website, contacts, settings, messages etc. Some can even post on your behalf.
Never give your username and password out to untrusted third parties, especially those promising to get you followers or make you money. So beware, if you experience anything unexpected or unauthorised, immediately remove the app from your account.
7. Look out for Unusual URLs.
Beware of short/unusual URLs. Before you click on shortened URLs, find out where they lead by pasting them into a URL lengthening service, such as URL Expanders for Internet Explorer or URL Expanders for Firefox.
Shortened URLs may be directing you to sites hosted by criminal to steal your login details.
Watch out for suspicious links, and always make sure you’re actually on the official site before you enter your login information. Look out for the Padlock symbol on the address bar and if unsure, retype the address yourself without using autofill.
8. Use a VPN whilst on Public WIFI.
Protect your private information and sensitive data from snoopers and hackers while surfing the web at WiFi hotspots, hotels, airports and corporate offices with a VPN provider of your choice.
Most Public WiFi hotspot don't require a password and allow anyone on to them. Hackers are able to use software such as WireShark to analyse all the data being transmitted over the connection.
VPNs keep all your data private even on a public connection, if you don't wish to use a VPN then follow the simple rule of "Don't enter any details you wouldn't say out loud."
9. Update your Computer and Operating Systems.
Make sure your computer and operating system is up to date with the most recent patches, upgrades and anti-virus software.
When updates are released, they come with "release notes" which highlight the changes. Or in other words, showing what the weaknesses of the previous versions were.
10. Protect your Phone.
If your personal or business phone has access to your social media accounts make sure you protect your phone/tablet or other device with a passcode.
That way if you lose or phone gets stolen then your accounts are safe.