Keeping Your Social Profiles Secure
Those of you that have been keeping up with internet related news will know that a few days ago Burger King had their Twitter account hacked into. Days later Jeep’s account swiftly followed, seemingly falling afoul of the same hacker.
The accounts were locked and returned to their rightful owners after a couple of hours, and the attack did not appear to be malicious, but it does raise serious issues about security.
These brands got off incredibly lightly in terms of the damage that could have been done whilst they were hacked. If anything they actually benefited from the experience, as @BurgerKing gained 30,000 new followers and both brands received plenty of media coverage.
In fact the whole hacking has been taken very lightly by most, with brands such as @MTV and @BET even parodying the experiencing by publicly hacking each other’s accounts in in order to promote upcoming events. Whilst publicity stunts like such are in fitting with their brand personalities, the act itself fails to recognise the dangers of weak online security.
Things Get Serious
The hacking experience has been presented by most media outlets in a light-hearted fashion, but in actual fact it highlights a very serious and dangerous threat. At the beginning of the month Twitter posted an article on their blog alerting users that they had identified “unauthorised access attempts” where their servers had been attacked in an effort to gain user data.
Although the attacks were shut down as quickly as possible, they were actually successful in gaining the personal data of almost 250,000 users. This included user names, email addresses and encrypted passwords.
Twitter was quick to alert the affected users and reset their passwords, but for some the damage had already been done. All this came after several media and technology companies across the US reported extensive security attacks on their systems.
This news reminds us that it’s not just Twitter users who need to be wary of hackers. If your website or social account suffers a security breach then it’s not just your brand that’s in danger, it’s your followers as well. If you store any of your users or employees personal data online then it’s your responsibility to ensure that the information is secure.
A hacker who has access to your social profiles could completely ruin your brand’s reputation and severe any trust that users have in you.
Burger King and Jeep’s Twitter accounts were essentially taken for a joy ride. It was instantly made obvious to everyone that each account had been hacked and the takeover only lasted for a small period of time.
Hacking can be more malicious. Someone who has access to your system could slowly work their way into using the trust from your following your brand has built to gain sensitive and personal information. They could change details on your site, or send harmful messages to your users. This could ruin not only your brand image and reputation but also your ranking.
What can you do to secure your profiles? To begin with change your password. Brands who allow a lot of employees access to their social profiles will often use simplistic, easy to remember passwords. This will not keep your brand safe online.
Twitter themselves encourages you to choose a password that is “At least 10 (but more is better) characters”. It’s important you utilise a number of different character types in your password as well. Capital letters, numbers and symbols will make it harder for your password to be cracked.
You’ve got to know exactly who has access to each account at all times, and keep all account activity monitored. Make sure the only people who know your passwords are those who need to know. Also make sure that you update and refresh your password regularly, as it will make it much harder for anyone to gain access.
Speaking of changing passwords, you should have a different password for each social account. You’re only as strong as your weakest link, and if a social site that you have a profile on falls afoul of hackers, you’re instantly putting all you other accounts at risk if you use the same password.
If someone is unsure of or forgets a password they can often retrieve it with a valid email address by answering a question. Whichever password retrieval questions you choose when setting up an account, do not make the answer obvious. In fact for the best security you should make your answer something completely unrelated and random.