In the media over the last few days, we’ve heard warnings from our Prime Minister regarding the intensifying online attacks against Australian organisations.
You might be tempted to think “it won’t happen to me” or “I’m too small for them to target”.
I can confidently tell you that from the number of emails and phone calls we’ve had at Digital Marketing AOK from clients and non-clients in the space of the last 10 days… you aren’t too small, and you may be targeted.
We’ve had people losing complete access to their personal Facebook Profiles, and then being removed as Admins from their business Facebook Pages. We’ve heard of others losing access to their Instagram accounts with over 100k followers, and having the handles changed. Just to name a couple of examples!
There are plenty of IT specialists out there who can assist with securing your networks and other IT infrastructure, but how can you protect your social media accounts?
Protecting your Social Media assets
To protect your personal and business social media channels, we recommend setting up Two-Factor Verification, also sometimes called Two-Factor Authentication.
Essentially it is an extra layer of security for your social media accounts. It’s an account security feature that requires any person attempting to gain access to your account to provide additional authenticity or data before they are allowed access. So even if someone hacks into your email and resets your password for Facebook, they still can’t login to your profile without entering the second piece of data, which is usually a code that is texted to your mobile number, or that appears in an Authenticator app. Personally I like to use the Google Authenticator app (App Store).
The beauty of this is that when someone attempts to login to one of your acounts from a device that isn’t recognised as yours (i.e. not your phone or your PC), then you will get an alert to your email address notifying you of this attempt.
Here are the steps to follow for each of the key social media players, and we would recommend insisting that ANY and all staff with access to your corporate social media channels have these enabled for their accounts:
Turning on Two-Factor Authentication for Facebook
- Go to your Security and Login Settings.
- Scroll down to Use two-factor authentication and click Edit.
- Choose the security method you want to add and follow the on-screen instructions.
- Login codes from a third party authentication app.
- Text message (SMS) codes from your mobile phone.
Turning on Two-Factor Authentication for Instagram
When turning on two-factor authentication on Instagram, you can follow the steps for choosing either text message (SMS) codes, or a third-party app:
- Go to your profile and tap .
- TapSettings.
- Tap Security and scroll down to tap Two-Factor Authentication.
- If you haven’t already turned two-factor authentication on, tap Get Started.
- Tap next to Authentication App, then follow the on-screen instructions.
- Enter the confirmation code from the third-party authentication app to complete the process.
Turning on Two-Factor Authentication for LinkedIn
If enabling two-factor authentication on LinkedIn on your desktop:
- Click the Me icon at the top of your LinkedIn homepage.
- Select Settings & Privacy from the dropdown.
- Under the Login and security section of the Account tab, click Change next to Two-step verification.
- Click Turn on (Note: You may be asked to enter your password for security reasons.)
- Choose the preferred verification method from the dropdown and click Continue.
Turning on Two-Factor Authentication for Twitter
Twitter allows for two-factor authentication via 3 methods – code by text message, authenticator app, or security key.:
- In the side menu, click More, then click Settings and privacy.
- Click on your Account settings and click Security.
- Tap Two-factor authentication.
- Select one of the three methods.
What else can you do?
Be vigilant. Be wary of ‘official emails’ from Facebook or Instagram, don’t click on links in these emails. If in doubt, login to your account and check your notifications for updates or queries.
If you get stuck and you need more help, feel free to get in touch with us.