There are a number of things that happen to "others" and we always say "It couldn't happen to me". We live in a happy delirium of denial that we are exempt from the challenges others have faced. No blame - I do it all the time!
But there is one fear that really worries me and I've seen happen to enough other people that I know I'm not exempt (nor are you). What is it? It's the fear that you could you lose ALL your social media followers.
We live in a crazy online world. And for any number of reasons, yes, you could, at any time, lose all your social media followers.
I'm not trying to scare you and this isn't meant to be some doomsday post. But these are genuine concerns we need to think about.
For all the tutorials and education and preaching and advice and suggestions we discuss about how to build our social media presence, we rarely talk about how to protect it.
So how or why could you lose all your social media followers?
Well, first of all, you're on rented land on social media. You don't own those names or contact information as part of your list. And at any point that social media site could be hacked or taken down or weened away from our use for any variety of reasons. Just imagine if Twitter one day said, you know what, we're done. We're closing down Twitter. Obviously, we don't see this happening anytime in the near future. But it could happen someday. Whether you have a hundred followers or a hundred thousand followers, they would all be gone.
In a less drastic scenario, maybe you have a team of employees (or a single assistant) who helps manage your business' social media presence. But then they leave your company - maybe you fired them, maybe they quit, maybe there's another reason. But they aren't working for you anymore - and they have all your passwords. We see this play out with celebrities all. the. time. And they have to apologize publicly for some inappropriate post by some former employee. But what if that employee decided to change all your passwords and not give you access back?
Or maybe there's something very appealing about your account (the username or the number of followers or the influence you have) that is highly appealing to hackers. And so, someone hacks in, takes over, and may even threaten or extort you to get your account back into your hands. If you're lucky enough to ever get it back.
Like I said, I know, we never think these things can happen to us. But they happen every day.
Here are just a few examples of cases related to these situations:
- Chalene Johnson had her Instagram and Twitter accounts hacked and lost hundreds of thousands of followers.
- Tesla had their Twitter account hacked but were able to get it restored fairly quickly.
- A simple Twitter account: @N had their account hacked and stolen purely for the username.
- A popular fitness account in Australia had their Instagram account hijacked and ALL of their content deleted. Fortunately, Instagram worked with them to restore their account.
So, how can we prevent being one of these victims? Well, I don't have any fool-proof plans for you, but there are few things to consider.
Of course, I'm also going to point out that you should be striving to get all your social media contacts onto your list. Yes, you OWN your list, you rent social media. So you should always be finding ways to get your social media fans to sign up for you list. This way, you can always stay in communication with them and convey issues should they arise.
I always recommend more than one trusted person have your account passwords and access info. On Facebook, this is easy because you can assign page admins and they can access directly from their accounts. On other platforms like Twitter or Instagram, this isn't as easy, but provide the login information to at least two people.
Why? It seems almost counter-intuitive to have more people with access. But if anything happens to you, someone else still has access. In the same paragraph, I'm going to say don't give it to too many people! Only those who need it should have access to it and it should be stored someplace secure.
However, if you have a large team of employees, you can use tools like LastPass (I haven't used this personally, but have heard about it for functionality) which allow you to share your access details with a team without actually revealing the passwords themselves.
Also, if you have employees or other people with access, put together a policy to handle changing passwords in the event an employee is terminated. For example, if an employee quits or is fired, all social media account passwords must be changed immediately (either prior to or as they leave on their final day).
When it comes to passwords, they should also be really hard to figure out. We should be long past the days of using our pets names or simple word passwords. You should have symbols, numbers, and random spellings for more difficult to crack passwords. And, yes, longer is better too.
Another layer of protection is to avoid using the same password for each of your social media sites. If someone successfully hacks into your Twitter account and now has your password, don't think they won't try that same password on all your other accounts and take those over too. I know it's frustrating to have a different password on every account, how many passwords do we already have to remember daily?? But it's a worthy precaution to take.
You can also use a tool like LogDog (again, I haven't personally used it) which monitors for suspicious activity on your profiles (I think for social media, it only monitors Facebook right now) and will notify you immediately.
Set up two-step verification passwords protections on your accounts (more important for sites like Twitter and Instagram). These aren't fail-safe tactics and introduce another aspect of security concerns regarding sharing your credentials with a third party. However, with the commonality and frequency of hacks and stolen information, this is probably a small concern overall.
You should also avoid public wi-fi when accessing your social media accounts. OMG, I know. I said it! Skip the free wi-fi? Have I gone crazy? Well maybe. But seriously, be very cautious and ensure you have all the security software up to date on your computer if you're going to access any accounts.
And, in the horrible unfortunate event that you do get hacked, get with the company immediately! Facebook has a number of forms and contact methods to resolve a hacked account. Other platforms can be reached by a variety of methods - use them all!! Don't be lazy - be persistent and vigilant until you get answers and have your account restored.
Like I said, I know these aren't fool-proof methods, but with the right combination of tactics, you can make serious strides towards protecting your valuable social media presence.
Have you been a victim of hacking or do you have tips on how to protect your accounts? Please join in the conversation below!
It would be great to see a more proactive response from social media platforms in protecting our accounts. None seem to take it seriously till after the fact. Recovery from hacks is a long, hard process. Do you think changing our passwords more often, helps?
I agree, Brenda. The onus is all on us as the account “owners” to handle the issues around hacking and that makes it so much more work for us.
I don’t think there’s any harm in changing your passwords regularly (or often). If you have multiple people with access, I think you should do this. But otherwise, I don’t know how much additional security it really provides. But, like I said, it can’t hurt, right?
I think everyone is afraid of losing their social media followers as well as losing their accounts. Everything can be hacked in this online world. Most hackers from today are skilled. Remember the Sony Pictures Entertainment Hack Incident last November 24, 2014? This is just one example that proves even a high security measured company can be hacked. How much more in the future? Good thing that there are some tools that can prevent and reduce the case of hacking. There are also safety measures to follow on how to protect our accounts.
You’re right, Barbara. This is only something that is going to become a bigger and bigger issue in the future.
Hi Jenn,
My name is Alla and I’m the Marketing Manager of LogDog, just wanted to give you a shoutout and say that we are very excited to be mentioned in your post!
It was very interesting to read your takeoff on how to protect the different social media accounts!
I just have a small note, LogDog protects not only your Facebook account but also your Twitter and Google+, Evernote, Yahoo and Dropbox.
Hope you will check it out, and let me know what you think 🙂
Hi Alla! Thank you for chiming in and clarifying the services LogDog offers!
I’d like to second the LastPass recommendation and also add Dashlane. It also saves passwords, generates secure ones for you and lets you share log-ins with other people without revealing your password. I actively use both to get account information from my clients. Having a tool like this also encourages you to use strong, unique passwords for your own accounts.
Hi Laura! Thanks for the additional recommendation!
Timely and informative article Jenn.
It would be nice if everyone talked more about protection from hackers than marketing, but that ain’t sexy and it ain’t where the money is ;0)
Some of it is common sense but in a day and age when we have dozens of accounts for all our online needs (not just social media) it’s hard to keep track and I plan to set up LastPass or OnePassword for that reason.
If you listen to Chalene Johnson’s podcast however, protection stems from way more than secure passwords.
Hackers are smart and evil and just doing it for kicks. We share so much personal info, from our birthdates to our pet’s names (think of all those “20 things you might not know about me” serial posts!) that makes it easy for hackers to bypass the password altogether – that’s the scary part.
I just wanted to chime in about websites too, since they are a huge part of our biz platform.
From a website perspective, be sure to update your plugins, theme and WordPress (this helps a lot with security) and install WordFence and some sort of backup (like Updraft Plus or BackupBuddy) to save your entire website contents to your own storage (like Google Drive or Dropbox) and not just rely on the hosting account. If you don’t want to do (or worry) about that stuff, invest in managed hosting like WPEngine or Flywheel. They not only help your website stay more secure, it can speed up your website (now a big component of Google’s search algorithm) because you don’t need plugins to manage security and backups, thus making your website a little less heavy and making it quicker to load.
Finally, be sure to actually check those 2 plugins to make sure a backup happened properly and to go in and manually block login attempts (it freaked me out when I looked at the WordFence data to see that dozens of login attempts had been made in the last few months, mostly trying the “admin” username).
I could go on and on, but I’ll leave that for an upcoming blog post!
Hi Ange! Thank you for chiming in on this. You’re absolutely right about needing to take more precautions with our websites too. It is unfortunate that we don’t talk more about these issues and look to protect ourselves more online. As you said, we put so much information out there and do little to protect our assets.
Thank you also for the additional tool recommendations. I am definitely going to look into those.
“You should also avoid public wi-fi when accessing your social media accounts. OMG, I know. I said it! Skip the free wi-fi? Have I gone crazy? ”
You’re on the money. If I wanted to steal a twitter of someone who pretty much makes their daily routine known, I would leave a rouge hotspot set up where they typically post from. Phone’s are little wifi addicts and will connect to anything that’s offering a fix. From there stealing an account is child’s play.
Ange is right too. If I can determine what email is used to manage your social media, and I want to spend a few hours reading everything you have ever posted along with a public records search, I don’t need your passwords, because I can guess your security questions.
1. Reset email password.
2. Reset socials password.
Security on any platform requires a lot more than code. It’s about securing information, not bytes. The best super uncrackable password out there is useless if your security question’s answer is sitting on some post you made years ago to a forgotten social account.
You are absolutely correct Drew! We put too much information out there and always seem to pick the “easiest” password reset questions – making it way too easy for someone to be able to access and reset our passwords. Thanks for chiming in!
Hey Jenn
Thanks for an amazing (if really scary!) blog post.
My worst nightmare would be too lose my social media followers, even though they rank in the hundreds and not thousands. I love the interaction with the world and to lose that would be awful.
I will definitely be following your advice to keep my accounts safe from horrid cyber-yobs!
Best wishes, Mike
I’m glad you found this helpful (even though it is scary), Mike. And here’s hoping you never have to worry about this affecting you!