Does Social Media Power Your Business?
4 quick wins to protect your small business’s social media accounts from hackers
What percentage of the sales from your small business come from social media marketing? With more than 1 billion active monthly users on Instagram alone, businesses have come to realise, and depend on, the power of social media to sell to their ideal clients.
Social media has made it easier than ever before for small businesses to reach new audiences online. If managed successfully, these free social media platforms give businesses the ability to connect with potential customers and drive sales. It’s no wonder more than 70 per cent of businesses use social media for their marketing.
Increase in cyber attacks on small business
If you, like the majority of small businesses in the UK, rely on Facebook, Instagram or Twitter as your primary marketing channel, are you aware of the likelihood of a cyber attack? And the devastating implications to your business should that happen?
Have you ever considered what would happen to your business if your social media accounts disappeared overnight?
Despite the fact that Facebook, who own Instagram, have hit the headlines on more than one occasion as a result of huge data breaches, many small business owners have never even thought about the possibility that their businesses may be vulnerable to cyber attack through a social media platform.
In recent months, however, there has been a growing number of news stories about criminals hacking and deleting social media accounts, and the disastrous impact that has had on businesses across the country.
Vegan shoe company Beyond Skin lost 38k followers, built up over years of hard work, when their Instagram account was hijacked in July 2020. The company received an email that stated their Instagram account had been taken over and would be deleted unless Beyond Skin responded within two hours.
The company contacted Instagram for help, but the next thing they knew, their account had been permanently deleted and all their posts and followers lost. As a result, Beyond Skin have reported a 23 per cent decrease in sales.
Similarly, The English Stamp Company was targeted with such an email and their account, with almost 29k followers, was closed by hackers.
In both cases, the companies were victims of ransomware attacks. The use of ransomware by cyber criminals had previously been declining, but business owners are now seeing a resurgence in these kinds of attacks via their social media accounts.
What is ransomware?
Ransomware is malware (malicious software) that locks your files. Hackers then demand you pay a ransom to unlock them.
The recent spate of ransomware attacks on social media has seen cyber criminals hack into small business’s social media accounts, change the password and then email the business threatening account deletion unless the business pays what they are asking for.
Even if you do respond, there is no guarantee you will get your account back, or the hackers will ask for more money. It’s a no-win situation for small business owners.
Why are small business owners so vulnerable to social media hacks?
If you’re a small business owner, you will know just how much blood, sweat and tears goes into getting that business off the ground. You will have worked all hours of the day in order to build your customer list on social media – you know how important those hard-won followers are.
Often there is no budget to employ a dedicated social media manager, so inevitably, everyone pitches in, doing what they can to reach new customers. For small businesses that means several people will have access to your social media accounts, perhaps even outside contractors.
Do you have a master list of everyone who has ever been given access to your social media accounts? We bet it’s pretty long and includes people who no longer work for your company.
When was the last time you changed your password? How many of those people could still access your accounts today if they wanted to? When lots of people use the same password, that password tends to be simple and easy for anyone to remember – a hacker’s dream.
While it is often small businesses who overlook the issue of cyber security, assuming it’s too complicated and that their business is too small to be targeted by cyber criminals, it’s small businesses who are the most vulnerable to this type of ransomware attack because they are often entirely dependent on social media for marketing and sales.
How can small business owners protect their social media accounts from being hacked?
Improving the security of your small business’s social media accounts is very straightforward. These four tips can be implemented today to immediately mitigate your risk of being hacked.
Turn on two-factor authentication
Social media platforms now offer the opportunity to use two-factor authentication as standard. When you are offered this option, don’t ignore it.
Two-factor authentication means that whenever someone tries to log in to your account from an unrecognised device, a code is sent to the mobile phone or email address to which the social media account is registered. You will need to enter this code to verify that you are the registered account holder.
Any unusual or unauthorised access attempts should be reported to the social media platform immediately and your passwords should be changed.
Create a strong password – and change it regularly
Often more than one employee within a small business has access to the business’s social media accounts. While it’s tempting to use a simple password that everyone can remember, this is the easiest way hackers gain access to any account.
Just like with your other business passwords, your social media passwords should be long, random and impossible to guess. You should never write them down and change them regularly to ensure only the people who currently need access can gain entry to the accounts.
Instagram recommends that your password should be a “combination of at least six numbers, letters and punctuation marks (like ! and &). It should be different from other passwords you use elsewhere on the internet”.
Don’t use third-party apps
There are a whole host of apps, many of them free, that promise to help you improve your social media marketing by connecting to your social media accounts.
While many are legitimate, a large number of them aren’t and you should be cautious about which apps you download and give access to your accounts. Instagram does not allow apps that breach their Community Guidelines or Terms of Use, and that includes bots that follow or engage with other accounts on your behalf.
To check what apps currently have access to your accounts, click on the Settings button, then Security, then Apps and websites. Here you can revoke access to any app that you don’t recognise or looks suspicious.
Always log out when using a shared phone or computer
We know it’s a pain logging out and back in again, which is why so many people fail to do so, but whenever you log on to your social media accounts from a device that someone else has access to, it’s essential that you always remember to log out once you’re finished.
Never tick the ‘Remember Me’ box when using a shared device as it will give anyone access to your accounts even once you’ve closed the browser window. It might take a few more seconds of your time, but will save you a lot of trouble in the long run.
If these recent news stories have given you the wake-up call you need to prioritise your small business’s cyber security then get in touch with us today to learn how MELCaaS can provide peace of mind that your business is protected from the near-certain threat of an information security breach.
MELCaaS, Melius Cyber Security’s pioneering vulnerability-scanning technology, automatically works in the background of your operational systems to carry out a daily simulated penetration test. This checks your network for any vulnerabilities and offers recommendations for eliminating potential risks.
To help small businesses mitigate the risk posed by social media hacks, we are offering a month-long trial of our MELCaaS Cybersecurity as a Service. If you sign up after the trial we will throw in some extra bonuses, including scanning and securing up to five home working environments.