For many small businesses, social media marketing is a tool to get your message out to potential customers cheaply. So many small businesses have turned do it, and are putting information on it that they should not, that hackers have started making them targets.

Protecting your social media marketing accounts from hackers is possible on any budget. There are some common sense tips which you must follow, as well as some tools that will help protect you even further. Do not wait until after you are hacked to implement these policies. A hacked social media account could cost you the trust of your followers, as well as actual money in the real world.

Social media and hacking

Stop making assumptions about your privacy

It seems that everyone believes that anything that they put on their personal account is going to remain private. Not even the things that you put in your “private messages” will remain private from a hacker. This means that businesses could, without intending, give away:

  • Vital customer data, such as bank accounts and credit cards. This could be communicated to them through a private message while trying to sort out a customer service issue.
  • The travel plans of company owners and managers. This could also indicate a weakness for hackers to exploit in the real world as they plan an assault on a company.
  • Any daily activities of the company can be exploited by hackers. If you mention that you routinely go and do the daily deposit drop at a certain time, at a certain bank, they can be there waiting for you.

Your first step is to be sure that you stop leaving this type of information on your social media marketing accounts. Don’t ask your customers to provide it here, take them to a secure form or get on the phone with them. You need to choose more secure places for your communications than social media. It is not all that secure, nor is it meant to be.

The dangers of public Wi-Fi

The other mistake that too many people make is assuming that they are safe using their social media on public Wi-Fi. A common hack on public Wi-Fi is called a fake WAP. WAP stands for Wireless Access Point. The fake aspect of it is a hacker will set up a Wi-Fi connection, give it a name which mimics the name that you think you should be able to connect to, but is actually designed to steal your information in plain text.

There are two easy ways to combat this danger:

  1. Always make sure that you asked the proprietor of the establishment you are in that you are using the correct Wi-Fi. This is a good first step, but what if their Wi-Fi has poor encryption? Or no encryption?
  2. To alleviate the issue raised in the point above, you are going to need to use a VPN. These are tools which encrypt your communications which are sent over any Internet connection. If you are not familiar with VPNs, choose one with an easy to use VPN client. Then you will just simply connect to your VPN once you have connected to any Wi-Fi connection.

This can be a major issue when you go to conferences and trade shows and think that the Wi-Fi are using their it’s completely free. There’s a reason that it might be free. That reason might be that they are stealing from you. Once you have done the above steps you can be free to use your social media marketing accounts while you are out in the world sharing the latest content.

Company identity theft

This is a common spamming method where accounts will be taken over to spam the followers of the account. Most of the time it’ll be taken over by those looking to spam porn. As you can imagine this leads to some considerable embarrassment on the part of the marketers.

This tweet was from a small trucking and logistics company. Sunglasses are also common:

The second tweet was from a small record store in New York. Do you believe me now that social media hacking can happen to anyone, even if you think you don’t matter? You should.

To look at this from a marketing perspective, the return on investment is still profitable for the hackers. They put no effort into building the audience. They simply hack into your account using various tools and methods, blast up there message, and maybe they get a few clicks out of it. To defend against this you should use:

  1. More than one email: Every single piece of information that a hacker can steal from you is useful. Using the same email account for every single social media marketing account makes it easier for them to hack you. If they don’t know the account to login with, is another hurdle for them to overcome. Use a variety of email accounts, and forward them all to one.
  2. A variety of strong passwords: Most social media marketing accounts which are hacked are done through brute force attacks. This is when a tool simply guesses your password thousands of times per second until it gets the right one. Using complex passwords, and a variety for different accounts, will negate brute force attacks. It is strongly recommended that you use a password managing app for this.
  3. Two factor authentication: Using two factor authentication will help prevent hackers from gaining access to your accounts by creating another hurdle for them. Two factor authentication makes it harder for them because if they try to sign in from a computer which is not yours they will need access to your phone or email for a unique code that will allow them one time access. Many of the most popular social media accounts use this.

By now you should understand that your goal is to make things harder for the hackers, and make it so they want to move onto another target. The three points above will definitely make it harder for them to hack your social media marketing accounts.

Untrustworthy links and downloads

Social media accounts, whether they’re from marketing or not, frequently have untrustworthy links and downloads sent to them. Sometimes this is done in a manner known as spear phishing, where there is a specific target, sometimes it is just spam sent to everyone possible.

Either way, there are some common tactics that you can use to defend against these attacks:

  • If you don’t trust it, don’t click on it. Whether or not you click on a link, or download something, is not going to be a life or death situation. However, clicking on the wrong link, or downloading the wrong thing, could be the life or death of the trust placed in your company.
  • Hover over the link. Most browsers will display the full link in the bottom left hand corner of the browser when you hover over top of it. Take a second to check out the entire link, read through it all be sure it’s legit.
  • If a link has been shortened, as is common on social media, you can use a tool like URLVoid to expand it. This will also tell you whether or not the link is trustworthy.

If at any time going through these three steps you don’t trust the link, don’t click on it. Do not put your computer, or mobile device, or even your company, at risk.

You are responsible for your social media

If your social media account is hacked, it’s your fault. Yes, you can go and report it to Twitter or even Instagram, and they can try to help you. It all started because you didn’t take the appropriate steps. Take the time to be a responsible social media marketer and lock down your accounts using the tips above.

Author: Marcus Habert is an online security and privacy writer whose tweets you can find on the Twitter account of @BestVPNs. If you don’t tweet, visit his blog on the website to learn more from his weekly column. Everyone from businesses, to private individuals, can learn.