How to Secure Social Media Accounts from Hacking or Malicious Attacks?
Social media security compromises can result in tangible and intangible losses to individuals and corporate accounts. It can lead to losses on account of users not able to get information contained in posts and even stealing of employee credentials and hackers getting access to company's internal management systems.
The high profile twitter accounts of President Barack Obama, Amazon CEO Jeff Bezos, and Tesla and SpaceX CEO Elon Musk, were hacked. Most often the intention of a malicious attack could be ransom or stealing information to create scams. The Twitter accounts of Obama and Musk were used to create bitcoin scams that earned the attackers over $100,000.
In UK, social media hacking victims lost over 3.5 mn pounds in 2020. According to AddictiveTips.com, 13,343 cases of social media and email hacking were reported in 2020 in UK. Experts were of the view that in India there was underreporting of cases.
An attack can happen to an individual or corporate account unexpectedly and hence it is better to take precautions and not wait for something disastrous to happen. The following rules apply to FB, Twitter, Google Accounts and also LinkedIn.
1) Keep your passwords secure and not share it with anyone. Keep changing the passwords periodically and also include capital letter, small letters, special characters.
2) If multiple pages are managed from an account, it is better to define the page roles- admin and editor positions and review them periodically. The employees who have left the organisation should be removed from page roles.
3)Don't keep the pages open: A page or social media account not logged off on a desktop or mobile device can invite malicious attack. Log out after each session and even after sharing website content or any other online content.
4) Two factor identification: It is always better to put two factor identification: password with OTP generated on a mobile number assigned to the account. This will ensure that each time someone tries to log in from a different device the account administrators will be alerted and can prevent unauthorised entry. Google also provides this facility when logging into gmail or other google accounts from a different device.
5) As far as possible don't reveal the phone number or personal numbers on the social media pages. Instead, let the communication happen through Messenger or appropriate chat facilities.
6) Report all malicious attempts immediately to the service provider: FB, Twitter etc.
7) In the unfortunate event of data breach, keep all records and evidences such as screen shots which may contain the ip address, time and details of device used for unauthorised entry for reporting to Cyber Cell of Police.
8) Save the cover page photos, logos and important descriptions and posts in a separate folder which can be used in case the attackers have deleted all such information from the account.
"Page admins have to constantly monitor the FB accounts every few hours on a daily basis to quickly know about the account being hacked and take prompt action to recover the account. Delay in reporting and recovering account can lead to loss of content created painstakingly and cause drop in daily reach or engagements of our social media account," according to Dhanya AK, Manager, Eduportal and Digital Marketing at Pallikkutam.com.
(Readers are invited to share their experiences or suggestions on the topic to email@example.com)