More people than you know have their Facebook (FB) profile hacked daily. In fact, 300,000 FB accounts get hacked every single day. After 20 years of being safely on FB, I joined those ranks and it’s been a learning experience.
But it’s not just FB that gets hacked every day; emails, phones and just about every social media platform are hacked too. It’s all about stealing information to steal money. It’s a multi-billion-dollar business that can be actioned anywhere in the world. Hackers target low-hanging fruit and high-hanging fruit (which might reap big rewards) including:
- E-commerce and online retailers
- Small business – because we’re often relaxed
- News outlets
- Healthcare
- Government
- Financial services
- Not-For-Profits.
How to Avoid Being Hacked – Especially Facebook
- If you suspect your email got hacked, and you’ve shared your password via email with anyone, change the password immediately. However, having said that, FB strongly recommends you NEVER share your password.
- Do not use the same password across multiple sites or apps. Change them every 6 months.
- Make your passwords hard to guess and don’t form a pattern with your passwords.
- Set up two-factor authentication.
- If you do have to share important info, don’t do it via email. This includes DOB, TFN, passwords etc. There are a few secure apps, like Signal, Threema or Telegram you can use. Remember that FB, Insta and Messenger are all interlinked and China owns WeChat. WhatsApp is now owned by the FB group. Investigate your mobile phone; even texting may not be secure if you don’t have a highly secure phone.
- Be aware, if you’re friends on FB with your mother and she shows her maiden name, that is often a security question. Also be aware that if you have your birthday on FB (most people do) and you’re celebrating your 40th birthday on FB – well, hello, you’ve just given everyone your DOB!
- Avoid friend requests from people you don’t know. That’s something I let slip, being in business, but new policy; you only get to be my personal FB friend if I know you!
- NEVER click on suspicious links; in fact, consider a link suspicious until you prove it otherwise.
- If you share a computer with other people, ensure you log out of FB after use.
- Regularly review Page roles and permissions. After an update (this is most software) you can be defaulted to something new you didn’t want.
- Make your FB profile private, especially your personal page. Put business items on a business page.
- Check your bank statements regularly, especially if you buy off FB. Watch for small amounts; they often test the waters with little amounts from 1c to $10 … but, of course, build up.
- Keep your phone number and email up to date as this is easier for recovery – although in my case that didn’t work. You can also try retrieving your profile by logging in via a device you used previously, but again, that didn’t work for me. But if you can get in, change your password immediately. Then check for any unauthorised devices and remove them. Review also third-party websites linked to your account; this can be a means to access your profile.
- Educate your team around best practice and what to do or not do in respect of cyber security.
- Let your contacts know.
That’s what this blog is about – I have (had!) sooo many contacts I couldn’t alert everyone, but I did alert those I could and this is acting as an alert to you. If you are connected to a Donna Stone without a photo, that’s the old profile which is now frozen. Remove it. Stone Business Coaching is showing as Luxe Coffee – I’m working to get my business page back so please DO NOT CLICK ON ANY OF THE LUXE COFFEE LINKS; IT’S VERY LIKELY A SCAM!
The Five Top Lessons I Want to Share From The Experience
Never to miss a teaching moment, I really want to share some suggestions and tips:
- Don’t think it won’t happen to you; I survived for 20 years … but alas, it did happen.
- Adopt cyber security policies; not sharing passwords via email (or any important info – I even instructed my insurance broker a couple of years ago to not include my DOB on policy docs if they are going to email them). Then be sure to teach your team and continue to re-train them. People forget and it’s that slip that lets you down.
- Don’t put all your eggs in one basket when it comes to marketing. This is why I got through the experience relatively unscathed. Sure, recovering is wasting a chunk of my time, but I don’t rely on FB solely (or primarily) for business leads or sales. I know some businesses which do and especially as you don’t own it (versus your website) … it’s a dangerous thing to do. For me, when this occurred, I simply continued to focus on my other lead sources to keep up enquiries and workload.
- Be good at record keeping. I was asked for invoices from FB for advertising, and although it had been ages ago, a quick scan of my computer was able to find those old invoices super quickly. I was also asked for ASIC statements and other proof of business – easy to locate as it’s all clearly filed digitally.
- Keep people’s contact details on your phone (or in your database) and of course backup. Friends, family AND clients. I had one friend I wasn’t able to contact, but otherwise, losing Messenger (yep, it’s all part of FB) meant I could just revert to email or text, even for those who tend to do everything via Messenger. It also meant that when I set up my new personal profile, I was able to alert people it was me via a separate method, or others were able to contact me.
It’s almost like an ATO audit; not a matter of if, but when it will occur. Having said that, it could be an annoyance (like in my case) or the near death of a business. Be prepared for this sort of thing. Have cyber security policies in your business, action best practices (as outlined above) and diversify your marketing. Be wary, this is just FB, but it can be bank accounts, phones and more. I watched a movie recently, ‘The Beekeeper’, which was all about a very kind-hearted lady who became a victim of a phishing scam that stole millions of dollars from a charity she helped run. Jason Statham gets into vengeance mode; but it was clear how easily it happened and how devastating the consequences were in the story. Sure, I know it was a movie, but also likely based on tonnes of true stories; it’s happening every day. We don’t have a ‘Beekeeper’ to fight our battles, so we need to be ever diligent.
One final word, if you’ve older friends or family, parents etc – be sure to educate them also. These scumbags will target everyone with absolutely no moral compass or regret or conscience.
If you want to learn more about Crisis Business Coaching, let me know.