Social media security risks: How you can protect your business


In recent years, there has been a dramatic increase in targeted attacks on corporate social media accounts and website hacking is on the rise. For example, one in every five phishing scams targets Facebook. In this article I will discuss the top social media security risks for businesses and how to prevent them. 

Four social media security risks for businesses

#1. Leaving accounts unmonitored

Social media inactivity makes you a prime target for malicious attacks like viruses. Not paying attention to your social media presence and monitoring your account regularly, means that if your account is hijacked and followers start receiving spam from your account, you may not know about it. This could cause enormous damage to your brand. Another danger is that proprietary information may be hacked which could even bring lawsuits. So stay aware and check in with your accounts regularly.

#2. Malicious apps

As many businesses now encourage BYOD (bring your own device) policies, workers are increasingly bringing their own devices to work. While this is convenient, it can compromise your network’s security. Employees may use apps on their phone and unsuspectingly allow hidden malware to get downloaded onto their own device. Malware may delete important data, or share confidential data. If you are going to allow your employees to use personal devices at work, make it part of your company policy for all employees to have up-to-date anti-virus software and malware detection on their devices. This won’t eliminate the threat completely but it is an important safeguard nonetheless.

#3. Insecure passwords

Secure log-in information is one of your best defences against social media attacks, alongside secure technology. However because many businesses may help multiple people checking social media accounts, many companies have opted for easy to remember passwords rather than secure passwords. ‘Dave555’ or ‘sally2016’ is not a secure password. If you or your business have fallen into the trap of using weak passwords so you don’t forget them, try using software like LastPass or KeyPassX which stores and encrypts all your passwords. Also remember that a strong password should have 12 characters minimum, made up of all of the following: numbers, uppercase letters, lowercase letters and special characters. For more tips on creating strong passwords check out this article.

#4. Social scams

Social engineering scams are rife on social media especially Twitter which due to its shortened URLs can be easily used to trick users into clicking on links which contain malicious code. Known as click-jacking, these codes can steal information on the user’s computer or device. To help prevent this all staff who use social media should be trained in security awareness and be cautious when clicking on an unknown link even ones circulated by family and friends.

Employee risk

The risks outlined above pertain to malware and ineffective use of technology. However, the other piece of the puzzle in avoiding social media security disasters is the employees that use social media. Employee misbehaviours or genuine human error account for a huge proportion of social media security issues. The trick to mitigating this risk is effective social media training and policies.

Social media training and policies

Creating a social media policy can safeguard your business. Your policy should outline general guidelines and best practices relating to:

  • Creating a secure password
  • Approved content and sensitive content
  • Understanding privacy and security settings; and
  • What to do in the aftermath of a phishing attack

Once you have created a social media policy you should put staff through social media training. The next step is to limit social media access to only those staff for whom it is essential. Publishing access should only be granted to employees who are fully vetted and have been through the training process. All staff members accessing social media should do so through one secure media management platform e.g Hootsuite. This allows for all communication to be tracked and monitored. Finally, make one staff member the official social media champion who oversees all social media activity on a daily basis.

Social media comes with some inherent dangers however don’t let that deter you from using it in your business. Used correctly it has the potential to open up new opportunities, growth, brand awareness, conversions and exposure for your business. Take steps to minimise the risks and regularly review your processes for best results.

Luke Chaffey is a Digital Marketing Specialist with KBB Digital. For advice on Digital Marketing, including SEO services and Digital Strategy, visit