Securing Your Social Media - For The Sake Of You And Others

Cloud SecurityMarketing
Written By Kellie Parks, CPB

Golden rule of social media, “Tweet others the way you want to be tweeted.”

::Together With Rewind::
Backups for cloud applications

A friend had her Facebook account hacked last year. The hacker-scammer posted in accounting Facebook groups and messaged with some members of the groups (luckily not ours, The Workflow Wateringhole). The posts the hacker put in were compelling; they were “selling Taylor Swift tickets”, and because the poster posed as someone known and trustworthy, people responded, and sadly some paid for the “tickets”. 

Once word got out, people felt compromised and rightly so, but for the wrong reasons. They felt that someone had been allowed into the private Facebook groups that should not be there. When, in fact, a hacked Account that is already a part of the group has access that Admins wouldn’t know they shouldn’t. The hacked friend immediately let the group Admins know it wasn’t her, and the account was removed from the groups.

There are a few lessons to be learned from this hacking. 

Starting with “If it’s too good to be true, then it probably is”. Anyone with Taylor Swift tickets wouldn’t have needed to turn to accounting Facebook groups to get rid of them…

There are security lessons, of course. For both Admins of Facebook groups and for everyone with a Facebook account. The lessons cross to other social media platforms as well.

Personal security suggestions:

  • Please, please use a secure password to begin with!

  • Implement 2FA

    • Lots of folks have let this one slide on socials - don’t be one of them…

  • Don’t use the same login email as your public-facing one

    • We have this policy for Calmwaters’ accounting apps as well; we have a different email for logins than any that are published on our website or used for communications

  • Not a big fan of birthdays - not in general, just on social media

  • Limit your geographical information

    • Where you are, where you reside…

Business security suggestions:

  • Create a company social media policy that includes strong password use (including using a password manager app), 2FA and other details

  • Have your team create a for-company-use social media account(s)

    • Don’t have them use their personal social media

      • It is better for brand identity, but also, if their personal account is hacked, it won’t impact your business - customers, community groups and stores

Administrators Security Suggestions:

  • Turn on keyword alerts

    • For The Workflow Wateringhole, we have lots of these to manage scams and keep the group cordial and upbeat

      • Hate, sell, expert, coach, consultant, Clickup (to manage all the “Clickup Experts”), a few apps that I don’t deem worthy for our members, tickets, sucks, vent, rant and some offensive language ones

        • This is the reason the Taylor Swift ticket hacker couldn’t post in our group

  • Turn on post-approval

    • We don’t do this, but my moderators and I are in our group at least a few times daily

      • This can become time-consuming and disengage members, but it is definitely a security suggestion to consider

  • Set up mandatory admission questions and rules

    • This won’t vet folks already in there, but it will reduce the baddies trying to get in

  • Decide whether a group is private, closed or public

    • This will secure the privacy of posters in the group and establish a trust and comfort level with the information they share

      • Private - a simple search can find private groups on the Facebook search bar

        • Unlike Public groups, these are shown with privacy, the number of members and Facebook group description

        • Only members can see who's in the group and what they post

      • Closed - non-members will not be able to see your group posts or the feed; the public, however, will be able to find your closed group if they search for it and can view the list of members in your group along

      • Public - anyone on or off Facebook can see who's in the group and what they post

  • Allow/disallow anonymous posters

    • It’s not my thing to allow this, but it does give comfort to people who want to ask a scary question or who may be an employee

  • Set tight spam settings

You will encounter a bit of navigational gymnastics to set up some of these settings, but it is worth the Googling to find out how to secure the groups in the manner best suited to their purpose vs their security needs.

Why should we be concerned about community groups being comprised?

I’m not just talking about Facebook; any group can be infiltrated by nefarious characters. There are many other community hangouts, including social media ones, chat groups like WhatsApp and iMessage and paid groups that may be in an app like Circle and Slack - so make sure your devices are secured as well.

What are some of the threats?

  • Account impersonation

  • Catfishing 🐈‍⬛🎣 me-owch

  • Hacking

  • Identity theft

  • Malware

  • Password theft

  • Phishing

  • Social engineering

I hadn’t heard of Catfishing, which is when someone creates a false identity to build a relationship with someone, usually to scam them into giving away money or information. This is basically what the hacker-scammer who took over my friend’s FB account was doing, but they tried to scam many folks.

Unlike Identity theft, which, although it seems similar, is where a criminal will literally collect and steal another person's real-life personal information.

With all this in mind, it is important to protect each other

You are not in it alone! You are part of a communities, so be mindful of the trickle-down of lax security measures to the others in your world.

Securing your social media accounts is not just for your benefit; it’s for the benefit of everyone around you. Tight security allows you to feel comfortable joining all the fantastic groups that give so much joy to our lives, knowing you have done your darndest to safeguard others in them.

100% no judgment on anyone who hasn’t secured their socials as well as they could.

It’s a pain; we often think our accounts won’t be impacted. We also (or I didn’t in the beginning, anywho) don’t think of the fallout very thoroughly. So all we can do is learn from others and act upon them!

Featured Template

~~~

Featured Template ~~~

15% off discount code: BLOG

Scaling New Heights - Boldly Go

Sunday, June 16, 2024 9:00 AM - Wednesday, June 19, 2024 5:00 PM

Steering your practice over the coming years requires courage, direction, intentionality, and a healthy measure of grit. In other words, to embrace the future, accountants and bookkeepers must ‘boldly go!'

I am hosting three sessions:

  • Making Your Workflow App Work For You: Choosing and implementing a practice management app

  • Do You Google - Part One: Chrome Identities, Themes & Customization

  • Do You Google - Part Two: Discovering the efficiency of Google apps

Simply yours, Kellie :-}

::Shameless Call To Action::

I sell bookkeeping templates, standard operating process handbooks and client guides.

15% off discount code: BLOG

Kellie Parks, CPB

Cloud Process Creator

I craft processes and automation for future-thinking accounting professionals who believe in the mightiness of online technology.

I want every accounting professional to love running a cloud-based business as much as I do. 

Embracing the cloud requires effective best practices, consistent communication, and efficient processes, systems, and workflows. That's why we have dozens of pre-built templates to take the pain out of creating optimization in your firm.

Certified or partnered in over a dozen cloud applications, Alumni Intuit International Trainer Writer Network and the FreshBooks Partner Council.

I am a runner, water/snow skier and live-music fan.

I’m always wondering what you would do more of—outside of work—if processes, automation, and apps gave you your life back.

https://calmwaters.ca/
Previous

QBO Tech Tip - Bank Rules
Next

Email Myths and Misconceptions - Part Two