Securing Social Media Accounts


Securing Social Media Accounts in 2022

Securing Social Media Accounts in 2022 is a lot easier than you may think in this blog we go over the top 5 ways to secure your social media account against hackers, scammers, and people with ill intent.

Top 5 ways to secure your social media account!

  • Operational Security Measures
  • Using Multi-Factor Authentication
  • Checking Devices Signed in / Location Services
  • Phishing Links / SMS Phishing
  • Using Strong Passwords / Password Manager

The Rise of Social Media

Social Media has been on the rise since the early 2000s. Every business and everyone has a social media profile. Huge start-up influencers like Gary Vee have been making courses and recommending them to everyone to boost traffic and sales since 2015.

This being said, It is very important that your profiles remain secure and out of the reach of hackers and scammers. In this article, I will be showing you how to lock down your social media profiles for both personal and business.

Operational Security Measures

What is operational security? In simple terms, it is the act of evaluating what sensitive information is online that you would not want hackers to know. This includes things like your dog’s first name. This might be a security question and you would not want the world to know your security questions!

How would you evaluate your current operational security? Here is a checklist I use to make sure what I am posting online is safe and secure. This is a step we often times forget when securing our social media accounts.

  • Does my post include a license plate, house number, and/or current location?
  • Am I on vacation while posting this image or content and does it notify people I am not home?
  • Is there private information on my post? (where I grew up, my first boss’s name, or any other possible security question )

As you can see it is very simple to make sure you do not have any personal or identifying information online. It is very common for social media users to forget that hackers and scammers can see your content too! I would highly recommend going through your friends’ list and removing people you do not know. A great practice is to go through your past social media posts and check to make sure that your posts follow that checklist. Here is a great guide to follow: Security Check List PDF

Using Multi-Factor Authentication

What is multifactor authentication? The best way to think about this is something you have, something you are, and something you know. There are many types of authentication methods some of the most common methods we will talk about in this article. The best part is that it’s super easy to use and set up!

All social media accounts support MFA ( Multi-Factor Authentication ). I highly recommend the use of a third-party app like Google Authenticator but not every social media account supports this feature. I will walk you through the two most common types of authentication using Instagram as an example. This can be done on the website or on the application on your phone and it’s super easy to do in 3 simple steps.

Step 1. ( Download an Authentication APP )

Download the application from the Apple Store or Play Store by searching “Google Authenticator” :

Screenshot of social media

Step 1. ( Finding the settings )

On Instagram you will click the 3-line menu in the top right-hand corner:

Screenshot of social media

Then you will click on “Settings”:

Screenshot of social media

Then click on “Security”:

Screenshot of social media

Then click on “Two Factor Authentication”:

Screenshot of social media

Then click on “Authentication App”:

Screenshot of social media

Step 3. ( Enable Authentication )

Click “Next” to start enabling Google Authenticator:

Screenshot of social media

Click on “Google Authentication”:

Screenshot of social media

This will redirect you to the Google Authentication App. You will want to copy the code and then come back to the Social Media Application. Enter the code in and press the “Next” button. Once this is done you should see something like this:

Screenshot of social media

Just like that, you have MFA enabled. When you log in the next time it will prompt you for a code that code will be held in the Google Authenticator App.

Checking Devices Signed in

This may seem irrelevant but if your account is already hacked you could have a split second to kick them out and change your password before the hacker can ever kick you out! to check this you will want to go into your settings from there click “signed in devices” or “login activity”. You can remove devices by clicking the three-dot menu and “logout”.

Screenshot of social media

It is highly recommended to disable location services since the rise of social media AD companies, Political Parties, and more use your location to serve you ads and violate your privacy. Lucky for you it is super easy to turn on and off and here are some best practices for when you are not on social media.

You can turn off Location Services in your settings application and in the search bar by typing “Location”. something like this should be shown:

Screenshot of social media

Some best Practices:

  • Turn off Bluetooth when not in use
  • Turn off location services per application
  • Turn off WIFI when you are not using it

Hackers can sometimes use your WIFI profiles against you. Have you ever seen a “Star Bucks Free WIFI” when there are no star bucks to be seen? This could be a hacker trying to see if you will connect to it to spy on your search traffic and capture sensitive information.

Phishing Links / SMS Phishing

You may recognize those spammy message requests with very weird messages. Some of them might say things like “I cannot believe I found this picture of you” or “click this link for 50% off Walmart purchases” and “your order has an error click here to edit those settings”. These are examples of phishing attempts and their goal is to get sensitive information from you that leads to a hacked social media profile.

Here are some examples to look out for:

I was directly messaged by a hacked Instagram account a little while ago that said the following. This attack was a little more complex and not just a single link was sent.

Screen shot of Instagram direct message

And this is what was sent to my SMS ( Text Messages ). It is an authentication link that would have given them access to my account. Scammers oftentimes exploit the kindness of others to hack your accounts.

Screen Shot of authors Text Messages

The best thing to do is ignore them and delete those requests. DO NOT CLICK THEM for any reason ( or send screenshots of results ). There has been a huge influx of these spam accounts texting you or your friends to gain access to your accounts to promote their scam.

A great practice is to privatize your friend’s lists so that if your friend’s social media account is compromised ( hacked ) they are less likely to come to your Direct Messages in the first place. This is not available for all Social Media Apps. Do not know how to do this? No problem here is how you can do that. This can be done by going into “Settings and Privacy” and playing around until you find something like this:

TikToks Settings Page

Unfortunately, there is no one static location for this setting it is constantly being moved around on various social media applications. On the bright side, you should have no trouble finding it.

Using Strong Passwords or a Password Manager

It is 2022, its time to stop using your pets’ names, lovers’ names, and variations of the word “password”. These are examples of weak passwords that can easily be guessed. Hackers use computer systems to automate these types of passwords and can guess them by the hundreds per second.

A great resource to make sure you are using a strong password is How Secure is my Password. We all know a lot of people forget their password which is why they make it their dog’s name. Don’t worry you can still use their name but instead of having a password like “Rover123” you might want to use “ILov3myd0gRover123$”.

You can also use a password manager. This is highly recommended and is an industry-standard in cyber security. Password managers like Last Pass generate passwords like “Db^48ptx6*5bc4A7iGH^nM$i@ReZ^k&SJKHoHp1h$%” and memorize them in an application so all you need is just one strong password to access them all this is called a “Master Password”.

If you were interested in this blog post on Securing Social Media Accounts, check out the Effects of Data Breaches next.

Comments (2)

Leave a Reply

Your email address will not be published. Required fields are marked *

Press ESC to close