In today’s digital landscape, where phishing and hacking techniques have become increasingly sophisticated, it is crucial for businesses to prioritise their security.
At Bigwave, we have observed a rising trend of phishing attempts and security breaches on META. As marketing professionals who work with numerous Facebook and Instagram accounts, we follow strict security guidelines to protect ourselves and clients. With the recent growth in both attempts and successful breaches, we thought it was important to share some ‘best practice’ tips to help you keep your account secure.
What does a META hack look like?
The pattern we have noticed is that individuals who have admin access to business accounts are being targeted, and hackers are exploiting the vulnerabilities in their personal Facebook accounts.
This method allows hackers to bypass the robust security measures implemented by corporations. For instance, hackers often employ tactics like sending malicious messages to personal accounts or the page itself. When the recipient clicks on the provided link or follows a set of instructions (such as to reset a password), the hacker gains access to the personal account, as well as any linked business accounts. Once inside, the hacker can take control of the business account by removing other admins and changing passwords, even racking up huge advertising bills with spam/fake ads.
Unfortunately, META’s support in reclaiming hacked pages and accounts has been notably inadequate. Once a business loses access to its Facebook Business account, the chances of recovery are uncertain. While some organisations have managed to regain control, others were not as fortunate, falling victim to these cyber threats.
Therefore, to safeguard your Business Page and Personal Profile, it is imperative to take some precautions. In this blog, we will guide you through the steps to protect your online presence and mitigate the risks posed by hackers.
Tell-tale signs a message is from a hacker
A foolproof method to identify if you are being targeted by a hacker is by scrutinising Facebook messages purporting to be from META/Business Suite. It’s important to note that META will never contact you about account or security issues through your messenger inbox. Legitimate communications from META will be sent via email or occasionally through notifications. Be cautious of messages that deviate from these channels.
Additionally, look out for the presence of spelling errors or the use of special characters. Take the time to carefully read any messages you receive. If you spot spelling mistakes, it’s a red flag.
Another telltale sign of a hacker’s message is if it asks you to click on a link or directs you to an unofficial META page. Exercise extreme caution and verify the authenticity of any message before clicking on any links provided. These are examples of what we have seen; while we don’t know for definite if these would have led to a security breach, it’s always better to stay vigilant and prioritise your online safety.
Do not click on anything and mark as spam as an indication to META.
How to Safeguard Your Meta Business Accounts from Hackers
Whether you’re utilising Facebook and Instagram for organic or paid marketing, ensuring the security of your accounts is paramount. Taking these three vital steps can make all the difference in protecting your account from potential vulnerabilities:
Implement Two-Factor Authentication for All Users
Your Facebook business page and Instagram business account are managed through the Meta Business Suite. It’s crucial to enable two-factor authentication for all levels of access. This advanced security measure requires users to provide a random 6-digit code in addition to their username and password during login. META provides security guides on how to set up two-factor authentication, making the process straightforward and effective. This extra layer of security significantly enhances the protection of your accounts.
Assign a Back-up Admin
Designate a trusted individual, be it a business partner, coworker, family member, or friend, as your back-up admin. This person doesn’t need to be actively involved in your business; their role is to serve as an emergency entry point into your Business Suite. In the unfortunate event that a hacker gains access to your account and locks you out, the back-up admin provides a means for you to regain control. They act as a safeguard, allowing you to reclaim your account and eliminate the hacker’s access.
Utilise Third-Party Authenticator Apps
Enhance your account security by utilising third-party authenticator apps like Google Authenticator or Microsoft Authenticator. These apps generate one-time passcodes that expire after 30 seconds, providing a time-sensitive and highly secure method for authentication. By downloading these apps on your mobile and desktop devices, you create an additional barrier that makes it extremely challenging for hackers to gain access to your accounts. Embracing these authenticator apps ensures a convenient yet robust defence against unauthorised access attempts.
By following these essential steps, you significantly bolster the security of your META Business accounts, safeguarding your valuable data and ensuring peace of mind in your online interactions.
If you’re interested in learning how Bigwave can support your business with paid and organic social media marketing, as well as optimising and managing your ads and business accounts, don’t hesitate to get in touch with us today. We’re here to help!