Seems there was some hubbub over this past week on Instagram with a very prominent archery brand. I’ve been in Texas, helping a client, so unfortunately, I’m hearing this second-hand. But the gist of the scenario is the brand’s Instagram account was hacked. Their photos were systematically, and slowly, deleted; their profile photo was changed; and their bio was adjusted to not-very-nice-things.
This is the nightmare of every social media manager.
Like for real, I have bad dreams about this happening to any one of my clients.
However, there are systems available to you to avoid such catastrophic events. I’ll start with the easiest and end with the hardest/most costly.
You may be wondering why brands don’t already have this set up. Well, it’s because it is annoying. Let me explain. As a brand, you probably have two to three people who have access to your Instagram account at any given day. You may have to add someone to help with a special project and you can’t just give them your log in information. No, with two-step turned on, you give them the log-in and then you have to coordinate timing of them logging in, so you can give them the code generated, which was texted to the account owner’s phone, so they can gain access to the page.
It sounds silly as I type this – but honestly, coordinating timing is annoying. But do it anyway.
2. Don’t open fishy or spammy emails! I asked Chuck Rossi, former Facebook employee and currently editor of OpenSourceDefense.Org, for advice regularly when it comes to social media shenanigans. He reminded me that spammy emails are still one of the main tactics hackers use to gain access to your computer, and your data. “The main attack vector of phishing emails on Facebook pages are the things people *really* need to watch out for,” shared Rossi. “I've seen some recently that are really effective and official looking.”
3. Don’t share passwords across sites. If your email password, IG and FB passwords are all the same, and one of them is compromised, you are, in a sense, screwed.
A friend of mine had her Facebook account hacked recently. They took it over, changed her birthday to a very young age, so that Facebook would never allow her to have a Facebook page, and then proceeded to take over her Facebook Advertising account. They were successful in charging upwards of $1000 on her company card. It didn’t stop there. Her FB and IG passwords were the same, or similar enough for them to access her Instagram, and they proceeded to take that over, too. She had no recourse. She tried verifying her age with Facebook by submitting her Driver’s License, but again, Facebook is either backlogged, or doesn’t care. So, then what? They found third-party help.
4. Hire a Third-Party Company. This is super-duper scary, but my friend found this company and they were first able to get her back on Instagram, and then they hired the company again to get her back on Facebook. Total money spent was around $200. Worth it? I think so.
5. Get your account verified. Getting an account verified on the ‘gram is as likely going to happen to you, or your brand’s account, as winning the lottery. If it does happen, count your lucky stars and buy a lottery ticket.
Why won’t you hear back? Oh…there are many reasons floating around on the interwebs…some say it is because Instagram is backlogged, some say it is because they suck (I say that, actually), and some say it is because they just get too many requests with the billions of users out there.
Those are your steps to avoid getting your accounts hacked from easiest to the most difficult.
I recommend bookmarking this article and share it far and wide with your friends. The important thing to remember is to be aware of who has access to your passwords, and to change them regularly. -Michelle Scheuermann, editor, Archery Wire.