Late last week the Instagram account of Base Body Babes was hacked and 765 carefully captioned images disappeared before their very eyes. The new “owner” of the account changed their name, deleted their images and began posting their own images with a kidnapped audience of 559,000 followers. They are not the only victims of hijacked Instagram accounts.
Fitness expert, Chalene Johnson had her Instagram account with over 400.000 followers hacked, as well. They were also in control of her Twitter account and literally began taunting her on it and telling her that they were now in contol. (There is much more to her story but the FBI is currently involved so much of it is not being shared yet.)
This is not just happening to those with large follower and fan bases. It is happening to small business owners, as well. These so-called “social engineers” are hacking accounts and extorting fees from the owners of accounts in exchange for transfer of ownership back to the original owner. They feel that small businesses will pay the fees and won’t go to the police. They also feel that small business owners don’t know enough about technology to be able to fix the problem themselves. All these social engineers need is just ONE password to get into your e-mail account in order to be able to attack ALL your social media accounts. You may feel confident about being secure because you think that you have a pretty safe and not likely-to-be-guessed password but that’s where you’re wrong. They’re not guessing passwords; they’re guessing answers to your security questions. They are able to guess these answers by watching your social media sites!
This is a crime that has reached epidemic proportions. Facebook reports that over 600,000 accounts are compromised EVERY day. 47% of Americans have had their personal information compromised.
Protecting your personal information is incredibly important but in this article, I’m only referring to your social media investments. How long and how much work has it taken you to grow your accounts? How much content do you have stored on your accounts (think about all those images on Instagram and/or Pinterest)? How many connections are made available to you by having these accounts and what would you do if they suddenly disappeared (This is one reason why having an e-mail list is so important)?
No one can be completely safe but there are things you can do to protect your investment. These items will take you some time to set up but they are worth the effort and time expenditure and may help to prevent the loss of years of work.
1. Update your software on ALL devices: your PC, your blog plug-ins, your tablet, your laptops, your Kindle or similar devices, your smart phones, etc. Don’t forget to update the outdated devices that you have lying around to use as spares.
Adobe Flash is a very important one to consider. But do NOT update when the pop-up appears – it may be a scam and that may be exactly how you become vulnerable. Go to their website to update and set up auto-updates.
“Update all of your apps! While some updates are improvements, most of the updates are security patches. Be sure to update as soon as available.
2. Get a password manager and install it on all devices.
A password manager is like an online wallet for your valuable information. Create a strong initial password for this one and you must remember your password to this application because it is not stored.
According to Wikipedia “Password managers usually store passwords encrypted, requiring the user to create a master password; a single, ideally very strong password which grants the user access to their entire password database. Some password managers store passwords on the user’s computer, whereas others store data in the cloud. While the core functionality of a password manager is to securely store large collections of passwords, many provide additional features such as form filling and password generation.”
Password managers also have browser extensions for FireFox, Chrome and Safari.
DISABLE the auto-fill for passwords. Use your password manager’s browser extension instead.
*After you install your password manager, update all your passwords with unique passwords generated by your app. Also, update your security questions with more unique passwords generated by your app because real answers to security questions increase your chances of being hacked!
3. If you have an iPhone 6 or above, set up the Apple fingerprint! (Android will be adding this feature soon.)
4. Do not choose the “log in with your Facebook account” or “log in as Twitter” options. Be sure to log in using your password manager.
5. Take a look at your e-mail service. Is it as safe as it could be? Perhaps Hotmail (is that even around anymore) or Yahoo are not the safest options. Gmail has 2 factor authentication so it is more reliable.
6. Check your cloud storage (iCloud, Dropbox, Evernote, etc.) Cloud storage sites have an increasing number of hacks.
Enable 2-step authentication for these – require a code in addition to your password.
7. Phone – Turn off the apps you don’t need.
Apps are great but they are security risks. Delete the ones that you don’t need. (I am SO guilty of keeping too many apps on my phone. Deleting the unused ones has become a priority.)
8. Facebook and Twitter – sign up for 2-factor authentification. (The one drawback for this is that if you ever change your phone number, it’s a hassle to have it changed, but probably less of a hassle than the things that would have to be done after a cyber hack.)
Instagram is very susceptible to being hacked so be sure to use your password manager when signing in.
9. Set up an IFTTT recipe to have your Instagram images automatically sent and saved in your Dropbox. You can find that here You could also use Instaport to save all your Instagram images to your hard drive.
10. Check your Facebook privacy settings and determine what is the most amount of privacy you could opt for without damaging your social engagement and reach.
11. Consider using SocialSafe to back up your social media date. At $27.99 per year for 20 accounts, it’s extremely inexpensive and easy to manage.
12. Messaging – Use a messaging service that supports encryption such as iMessage for Apple or What’s App for iOs, Android, Blackberry and Windows phone.
*Did you know?
On Apple: blue bubbles = iMessage which is encrypted and secure
green bubbles = SMS text which is not secure
I hope that you’ll take this threat to your social media investment seriously and begin to put some, if not all, of these precautions in place. And if you have any other suggestions as to ways that we can all protect our online selves better, I’d love to hear.
*For further information, check out Chalene Johnson’s podcast series on how she was hacked and what she has learned. iTunes: Chalene Johnson: Build Your Tribe – episodes from June 9, 12, 15, 17 and 19 of 2015.