Cybersecurity is frequently discussed in IT departments to protect company devices and data, however, cybersecurity is rarely addressed in marketing departments. Marketing departments typically manage their company’s social media accounts, and social media accounts are a very popular avenue for bad actors to gain access to company information or to spread malware. Take a few minutes to understand the cybersecurity risks behind social media and the steps your team can take to protect against bad actors gaining access to your social media accounts. 

The Risks

Bad actors love social media because of the large amount of information they can gather from accounts (contact information, location, life satisfaction, political views, religious views, vacations, etc.). According to cybersecurity author and expert, Bart McDonough, bad actors love social media platforms because of the ability to create fake profiles and posts to trick individuals into divulging personal information, handing over money, or infecting devices. Of the billions of users on popular social media platforms, here are the number of fake profiles that exist:

  • Out of the 2.2 billion users on Facebook, 270 million are fake user accounts
  • Of the 328 million active accounts on Twitter, there are 23 million fake bots
  • There are 64 million accounts of fake bots on Instagram (800 million total active users)
  • There are potentially 40 million fake profiles on LinkedIn


“Bad actors look for ways to collect large amounts of data from social media users, and exploit the harvested information to send out personalized malicious posts and messages on a large scale. And it works – 66 percent of spear phishing messages sent through social media are opened. This is more than double the amount of opened phishing emails by victims, which is around 30 percent.”  (Bart McDonough, CyberSmart)


Keeping Your Social Media Secure

1. Delete unused social media accounts – When you’re not regularly logging into a social media account and keeping the password updated, you are increasing the chances of hackers gaining access to the account. Which could lead them to gain access to other accounts or personal information that is tied to the unused profile.

2. Keep privacy settings updated – Social media platforms are regularly updating their privacy settings. If you do not stay on top of the updates they can automatically opt you into a setting. This could expose personal information or posts without your knowledge.

3. Review account access regularly – Consistently monitor who has admin permissions to your social media accounts. Make sure hackers cannot gain access to your company pages by accessing past employees or third-party vendors who are still admins on your accounts.

4. Require two-factor authentication – Two-factor authentication is a great way to ensure your social media accounts are secure. Require all team members with access to your social media accounts to set up two-factor authentication on their profiles whenever possible.

5. Use a password manager A password manager will allow you and your team to use a unique, strong password for each social media account without writing them down or sharing them through email. The primary way hackers access accounts is through the use of the same password on multiple accounts. 

6. Use Facebook Business Manager – Facebook has created a safer, more secure option for managing your entire Facebook ecosystem. It allows your business to control all aspects of your Facebook and Instagram accounts, ad managers, catalogs, pixels, etc. You control who has access to what through easy add/removal options. And, you can set up two-factor authentication to protect it all.