I’ll admit that I was very tempted to trick you all into reading this post by making the title ‘How to Hack Facebook,’ but I resisted. Unfortunately, that’s one of the most commonly asked questions in Cybrary support and shows just how important it is to keep your social media accounts secure.

Those who are tempted to illegally access the Twitter, Facebook, or Instagram account of a friend or ex, think again. Cybrary does not promote the usage of our site for those motives. Rather, we want to educate all users on how to secure their information and make those best practices second nature.

With all of the personally identifiable information we share on social sites, some of which we’re not even aware of, hackers have only become more adept at locating that information and using it to gain access to our accounts. Often, because these accounts are linked so closely together, it creates a domino effect that makes the impact of one ‘hack’ much greater.

What’s worse, if you’re on social media while at work and connected to the corporate network and your account gets hacked, you’ve now made your entire company vulnerable. Yup, it’s a big deal.

According to ZeroFox, “Social media represents the largest modern threat vector: it’s got more connectivity (billions of people), it’s more trusted (everyone is your friend) and it’s less visibility (simply by its nature) than any other communication or business platform. Security teams need to join their sales, marketing and customer success groups in the digital era, follow social media security best practices and implement risk monitoring and remediation technology around social media to secure their organization’s future.”

Needless to say, it’s an incredibly important topic for every person who accesses the internet. Now that you know why unsecured social accounts are dangerous, let’s explore how you can protect yourself from compromise.
10 Tips for Securing your Social Media Accounts
- Create a unique email for social media. If you are compromised, hackers won’t have access to any other valuable information.
- Enable two-factor authentication. This is one of the best methods for protecting your accounts from unauthorized access.
- Close unused accounts. With security, you can’t take the approach of ‘out of sight, out of mind,’ so it’s best to terminate your account altogether if it’s no longer in use.
- Update mobile apps regularly. These updates can protect you from threats that have already been identified.
- Practice good password hygiene. This should go without saying, but I’ll say it again anyway.
- Monitor your accounts regularly. The sooner you notice suspicious activity, the sooner you can recover your account.
- Adjust the default privacy settings. Lock down your account from the start. Select who can see which posts and when, and what information is shown on your profile and to whom.
- Be mindful when accessing accounts on public wireless. If you have to connect, log completely out of your account after your session.
- Accept friend requests selectively. There is no obligation to accept a “friend” request from anyone you do not know or do not know well. Fake accounts are often used in social engineering.
- Limit third-party app usage. Only authorize legitimate applications, and be sure to read the details of what you are authorizing the particular app to have access to.
Perhaps the most important takeaway comes from Security Expert, Paul Pereira-Brunner: “In the case of social media accounts, you should make absolutely sure the email they are linked to has as much protection as possible. It's a single point of failure…since everyone gets their password reset emails there. That's the major way people get in.”
What Do I Do If I’ve Been Hacked?
First things first: Don’t panic. If possible, log into your account and change your password. Review the recent activity on the account and delete anything that was not posted by you. If you find spam, be sure to report it. Check your bank account and other accounts to ensure that they were not also compromised. At this point, enable two-factor authentication.

Specifically, you can get account recovery help from:
We recommend brushing up on some cyber security best practices. Courses like the CompTIA Security+ can be a great way to get a jumpstart on data protection practices. The Security+ course teaches general security concepts, communications security, the basics of cryptography, and organizational and operational security to prepare for the certification exam. Additionally, certifications like the GIAC Security Essentials measure a comprehensive understanding of security tools and techniques.

For those ready to test their cyber knowledge, try the Cyber Security Fundamentals Interview Assessment.

Olivia Lynch (@Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.