World Social Media Day (30th June) recognises social media’s impact on global communication and to bring the world together to celebrate it.

Social media has transformed the way we as businesses engage with our audience, providing a great platform for marketing and brand promotion. It has helped Welsh businesses and organisations to connect with customers, giving access to wider audiences, bringing opportunities to extend our reach, greater accessibility, cost efficiency, brand awareness and informing and developing our marketing strategies.

But have you ever considered that these accounts could be subject to an attack by cybercriminals? We need to be alert to the dangers of account compromise and prevent opportunities to be exploited whether it is Instagram, Twitter, LinkedIn or Facebook accounts.

We have seen examples of businesses that have had their social media accounts compromised, with the cybercriminal changing the email address and phone number to lock them out. They then have the opportunity to blackmail you, requiring a payment in order for your account to be returned.

If your account is compromised, then your social media can be used to post unwanted content, to add malicious links, send out spam, all of which damage your reputation and can erode customer trust in your services or products. Losing control over your messaging, content or engagement with your audience can have significant negative consequences on your business.

So how can you, as a business protect, yourself from the cyber risks?

Strong passwords: Create unique, complex passwords for each social media account. The National Cyber Security Centre (NCSC) suggests using three random words with a combination of uppercase and lowercase letters, numbers, and symbols.

Monitor your account activity: Stay alert to any unusual activity, such as an unexpected post or failed login attempts. If you have any concerns as to your account being compromised, then immediately change your password.

Watch out for phishing scams: We often discuss phishing emails, but they also happen on social media. The same rules apply, so don’t click on unknown links and don’t reveal personal information. Did you know that quiz posts can be designed to steal personal information that can be used as the basis of an attack.

Say “no” to unknown friend requests: consider why the friend request is being made, do you know the person. It could be from a fake account designed to gather information for the purpose of cybercrime.

Two-factor authentication (2FA): In simple terms, 2FA gives you an extra layer of security to your social media accounts by adding two layers of logins. It might seem like a hassle to add an extra step in accessing your online data, but without it you could be leaving yourself vulnerable to your account being compromised.

This easy process works as follows:

1. Enter your username and password.
2. The account, platform, or site prompts you to input another form of verification, such as texting a code to your mobile phone or using an authenticator app.
3. You then enter the verification code to gain access to your account.

To help you set up two-factor authentication we have also collated these useful links for the following social media platforms:

Facebook

How to require two-factor authentication for people in your Business Manager | Meta Business Help Centre (facebook.com)

Instagram

How do I turn two-factor authentication on Instagram for multiple devices on or off? | Instagram Help Centre

Twitter

How to use two-factor authentication (2FA) on Twitter

WhatsApp

WhatsApp Help Centre - How to manage two-step verification settings

LinkedIn

Turn Two-Step Verification On and Off | LinkedIn Help

Snapchat

Set Up Two-Factor Authentication (snapchat.com)

The National Cyber Security Centre (NCSC) also provides the following guidance for setting up two-factor authentication for email accounts:

Turn on 2-step verification (2SV) - NCSC.GOV.UK

The Cyber Resilience Centre for Wales is here to support sole traders, micro-businesses and SMEs across the region. We offer free membership which will inform you of the current threats and simple steps to take to reduce your vulnerability to an attack. By becoming a member, you will have the opportunity to speak to one of the team about your own cyber security and concerns.