Your social media accounts and hackers – what you need to know
For any business, a digital presence is important. No, not just important – it’s vital. Technology has made a tremendous impact on how businesses are run, making it easier than ever before. From connecting with customers to running a successful ad campaign, it can all be done with the touch of a button. However, it can be just as easy for someone to hack your business’ social media or digital advertising accounts and do some damage to your reputation or worse, your bank account. We, unfortunately, live in a world where this can happen to anyone at any time, but it can be prevented sometimes by following these key digital account etiquette tips:
Make sure you regularly check in on your accounts
It’s essential that you have someone running your social media accounts consistently and that this person knows exactly what they are doing. As a cautionary tale, we had a client call us recently who used to run their own Facebook account, business page, and advertising by boosting posts. It seemed simple enough to them, which is great, however…someone unfortunately hacked into their account and used it to run ads for other business pages through their account, racking up a large bill on their credit card. Not only did they have to recover access to their account, which is a pain in its own right, jumping through ridiculous hoops to do it, but they also had to deal at length with the credit card company to investigate the extra charges, prove that they didn’t make them, themselves and attempt to recover the funds that were spent on their behalf.
By checking in on this account more frequently, this problem could have been caught much earlier on which would have saved this client a lot of time and trouble in the long run. It’s also a good idea to review which accounts your business is no longer using and closing those accounts…before they become a problem. Whether they are ad accounts or social media accounts that have been used in the past to manage a business page. If you’re not using them, shut them down, ensuring of course, that you have another access point before closing them out.
As another unfortunate example, we’ve also recently been contacted by a client who was running their own Google Ad account. They hadn’t logged into their account in months, mostly because of covid-19 impacting their business, their credit card expired, and they lost their login information, so they were locked out from their account. Once we were able to help them recover their account login, we discovered they had been hacked and someone had used their account to run ad campaigns using various stolen credit cards - for months! The balance to be paid outstanding on the account was north of $35,000!
Again, by regularly checking their account and keeping their login information more secure, this all could have been easily avoided.
But what are the best ways of keeping your login information secure?
1. Change your passwords regularly: It’s typically good practice to update your password every 3-4 months and to ensure it’s a difficult password to guess. But also remember to update your passwords when staff leave and to review your page admins monthly so you always know who has access to your accounts. If you’re working with an agency and you end that contract, you’ll also want to make sure you remove their access to your accounts and break any connections they have to your data.
2. Make sure you have access to all your online accounts as an owner: You should be able to log into all of your online accounts at any time and you should as the business owner be the primary owner of that account. Keep all of your login information in a safe place, whether that be on an external drive, on a safe folder on your computer, or written on a sheet of paper locked away somewhere. Find what works best for you so you can keep track of all your login information in a safe place. There’s nothing wrong with having a professional or staff member set up a social media page or account for you, so long as they transfer the ownership to you as soon as it’s created. There’s nothing more time consuming than trying to track down past logins or accounts simply because it wasn’t made a priority, to begin with.
3. Always have recovery emails or numbers in place and that you have access to them personally: Sometimes when we are creating our accounts, we skip this step because we think to ourselves “when will I ever need a recovery email or number?”. To help maximize your online security, it’s best to have a recovery email or number in place as a safety net in the case of your account being hacked. It’s also a good idea to make the recovery phone number the owner’s cell number or email address so that those don’t go missing eventually as well. Many clients that start working with us for example, often only have some of their login information for their accounts. They need help recovering this information and it's difficult because some of the accounts created are linked to a past employees’ email and phone numbers so they can't access the recovery information they need. For example, if the person that setups an account, connects the admin email as an “owner” to their work email address, but then years later that person moves on from the company, often the work email address is deleted, which also deletes your recovery email access point. So, keep in mind if you are adding recovery information, make sure it’s linked to a business e-mail that you won’t be likely to change over time or to a main phone number instead of an employee’s personal contact information.
4. Use unique emails and make passwords difficult to guess: This one is obvious to some, but it’s also a big one that people don’t use often enough. It’s good to have a few different e-mail addresses that are only used for account logins so that all your accounts aren’t under one e-mail. This way it makes it more difficult for a hacker to guess your login name and password. And as annoying as it is sometimes creating a password with the right amount of characters, symbols, capital letters, and numbers, it’s CRITICAL to keeping your information safe. If it’s a tricky password to remember, just write it down or save it somewhere you know it will be safe and use a unique password for each login. It’s way too often that we see things like the business name or address with a 123 or the owner’s name all lower case, but the logins across the globe that are most often hacked on social media accounts, advertising account, and website logins are “admin” with a password like “admin123”.
Most importantly you must know that there are actually people out there whose mission in life is to hack stuff for the sole purpose of stealing from you, the unexpecting web user.
Whether it be for data, your SIN number, your identity, your email contact list, or your money. It can happen to you. These are all local stories from the past week or two that we have mentioned. Which is why we feel it’s important to bring it to your attention, as our clients, or not (yet 😉). We want to ensure you’re taking extra measures to protect yourself and your business too.
Because your business’ online security is important. Although you may not think it can happen to you, always remember that a hacker can strike at any time. However, with these tips, you can sleep a little better at night knowing you’ve taken the right steps to keep your business safe. If you would like to learn more about account security or would like help running your social media or advertising accounts, at 3SIXTY Marketing Solutions, we’re always happy to help! We specialize in digital advertising, marketing, web development, and social media, and have been working with many clients across Canada and the United States for the past 9 years to not only keep them safe but to optimize their budget, increase sales and engagement, and to make the most of their online presence. Give us a call today at 705-252-4180 to set up a meeting and let’s chat!