SMSP logoHIGHRES

 

Social media is one of the shiniest tools in the marketers’ toolboxes today. We spend so much time focusing on launching and improving our social media campaigns to increase reach, engagement, and follower base. We do this to spread the word about company’s products and services. What we don’t do often enough is think about the dark side of social media risks and how, despite our dedication to great marketing, we could be responsible for a potential branding disaster for our organization.

Social Media and Hackers

How familiar are you with different types of social media security threats? With billions of active users disclosing personal data and organizational representatives often unknowingly leaking confidential information, social media has become the new favorite playground for hackers. You might have heard about bad actors hacking into the social media channels of Burger King, Jeep, CNN, and others to post defamatory comments. What’s the possible damage beyond a branding disaster? In April 2013, hackers took over the official Twitter feed of the Associated Press and posted information about two explosions that hit the White House. This fake tweet sent the US stock market into freefall with the Dow Jones dropping 143 points. What would happen if someone accessed your organization’s Twitter feed and posted fake breaking news?

Here’s another example of how you could unknowingly damage your organization:

Let’s say that you are a marketing professional at a healthcare clinic. You open up your company’s Twitter account via a mobile device to quickly send an update. While scrolling through the feed, you click on a link that looks real, but turns out to be malicious. The link installs malware on your smartphone, allowing the hacker access to your secure clinic’s website via the phone’s cache. The hacker then gains access to confidential patient healthcare information. In the US, penalties for lax data security in a professional context can be punished by HIPAA with fines up to a quarter million dollars.

 

Three ways to protect your organization

 

Consider the tips below to protect your company from potentially devastating security breach.

1. Strong passwords and two-factor authentication

A strong, regularly changed password is the baseline for keeping your company’s social media account safe from hackers. Be sure to use long passwords with numbers, special signs ($#%&) and both upper and lower case letters. It is also very important to never use the same password for multiple social media pages. This will help you limit the scope of the breach to just one social media channel. Also, many social media platforms such as Facebook, Twitter and LinkedIn recently began offering two-factor authentication to help verify the identity of the user who’s trying to access the social media account. This means that there are two aspects of standard security that are used to authenticate your login request.  Twitter uses a username and password as the first factor, and when you implement their two-factor authentication (2FA), they send you a text when you log in with a security code embedded in it.  You must use that security code to login. This is a great way to prevent unauthorized access.

2. Beware of public WiFi

Many people understand the dangers of accessing their bank account information via a public WiFi, but fail to apply the same logic to social media sites. They choose to open their organization’s social networking site of choice on a laptop or mobile device in a café or other public place. A hacker who’s accessing the same Wi-Fi network can use a hacking tool to execute a session hijack and take over the social media account. The hacker will then have the list of all followers, and can freely post updates, comments and send private messages.  Avoid logging into your social media accounts via WiFi.

3. Stay up-to-date on social media security threats and the different types of attacks

Understand what social media security threats you need to be on the lookout for. Social media attacks are tricky because they rely on both technical components, like malicious software, and human components, such as tricking people into disclosing information by developing fake profiles or impersonating trusted connections. How much do you know about catfish attacks, malware, phishing, or social engineering? As social media marketers, it is our responsibility to stay updated on the different threats so that we can effectively protect our organization from potentially costly and embarrassing incidences. There are several training programs that you can participate in. One of them is the Social Media Security Professional (SMSP) training and certification program powered by CompTIA, a leading IT certification body. This comprehensive and only recognized IT industry certification program and social media security training gives professionals the tools to identify and mitigate security breaches and to develop effective social media policies for the organization along with user training on how to safely participate in social networking.

Social media is an important tool for marketers, and today it’s more important than ever to examine its dark side. We must become familiar with different types of hacker activity and be ready to do our part to make sure that we’re not the cause of the next branding disaster for our company.

 

See also: Protecting Yourself from Phishing Scams