Skip to main content

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Cookie Preferences

Many websites use cookies or similar tools to store information on your browser or device. We use cookies on BBB websites to remember your preferences, improve website performance and enhance user experience, and to recommend content we believe will be most relevant to you. Most cookies collect anonymous information such as how users arrive at and use the website. Some cookies are necessary to allow the website to function properly, but you may choose to not allow other types of cookies below.

Necessary Cookies

What are necessary cookies?
These cookies are necessary for the site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you that amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.

Necessary cookies must always be enabled.

Functional Cookies

What are functional cookies?
These cookies enable the site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Performance Cookies

What are performance cookies?
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Marketing Cookies

What are marketing cookies?
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant content on other sites. They do not store personal information directly, but are based on uniquely identifying your browser or device. If you do not allow these cookies, you will experience less targeted advertising.
Better Business Bureau®
Resources for Businesses
Better Business Bureau
          Latest News

          BBB Business Tip: What to do if your business’s social media account gets hacked

          By Better Business Bureau. May 8, 2023.
          Close up confused man having problem with broken not working phone, annoyed frustrated male student receiving bad news, reading unpleasant email, sitting on sofa, looking at screen, spam message

          (Getty Images)

          If you think hackers are only after the social media accounts of large companies, think again. Small businesses are three times more likely to be targeted by cybercriminals than larger companies. Your data, social media followers, and company reputation are valuable to con artists, no matter the size of your business. And what’s more, scammers know that a smaller company is less likely to have training in cybersecurity and social media best practices, making them an easier target.

          What can you do to protect your business’s social media accounts? And how can you get your account back if you’ve already been hacked? BBB recommends the following tips.

          How to restore a compromised account

          • Run a malware scan. Ensure the hackers do not install viruses on your device by running a scan with reputable security software. If the scan identifies any malware, delete it and restart your device.

          • Change your passwords immediately. If you can still access your account, change your password. Then, change the passwords to all of your other social media accounts, even if you only see suspicious activity on one network, just in case.

          • Report the social media hack. Once you change your password, or if you are locked out of your account by scammers, contact the social media network. Don’t delete any damaging posts immediately since you may need them as evidence of the hack. Take screenshots of unauthorized posts or messages and then report the issue. Follow any instructions to restore your account, which may vary from platform to platform.

          • Report compromised information. If you suspect your sensitive, personal information was compromised, report it at IdentityTheft.gov, where you can create a personalized recovery plan.

          • Review your activity log and account settings. Look at the activity log to determine when and where your social media account was accessed. Then review your followers, the accounts you follow, and recent comments and messages.

          • Let your customers know. Especially if hackers posted something to your account or sent out messages to your followers, it’s important to notify your customers. Let them know what happened, and assure them the issue is resolved as soon as it is.

          How to secure your business’s social media accounts

          • Understand hackers’ motives and tactics. Hackers can use your social media account for a variety of nefarious reasons. They may be planning to run malicious ads using your stored credit card information, hoping your followers will pay attention since they come from a trusted source. Scammers can also target your followers via direct messages with phishing attacks. Or they may be after your sensitive personal or business information. Sometimes, they might try to steal your sales revenue or even sell your account on the black market. Regardless of the motive, scammers can only hack your account if they get a hold of your login and password information. To steal that, they may target you or one of your employees with a phishing or malware attack, so protecting that information is critical.

          • Create a social media policy. Write a social media policy with clear guidelines and requirements for your brand and employees. What should it cover? It can contain rules about brand voice and post guidelines, but it should also clarify your employees’ responsibilities. Who is responsible for crafting social media posts? Who has access to the passwords and login information? What devices can be used to log in to your accounts? These questions should be answered in your policy. You should also include a plan of action if your company does experience a security crisis. How will you handle a hacked account? Laying out a step-by-step plan ahead of time can minimize the damage caused by an attack.

          • Recognize the signs of a hacked account. If you see unfamiliar posts on your account, you didn’t authorize; someone has gained access to your account. You may also get messages from friends saying they received a strange message or email from you. And if your data has been compromised in a data breach or malware attack, or if a device with stored login information was stolen, hacking becomes more likely.

          • Use strong passwords. Avoid easy passwords. Use long passwords with numbers, letters (upper and lower case), and symbols. Never use the same password twice. And if that sounds like a lot to manage, consider using a password manager.

          • Set up two-factor authentication. Multifactor authentication (MFA) makes it harder for cybercriminals to access your account, even if they’ve gotten a hold of your password. Setting it up for your business accounts is a must.

          • Keep antivirus software up to date. Protect your computers and mobile devices from malware attacks by installing antivirus software and running regular scans.

          • Be careful with third-party apps. Instagram warns users that they can gain complete access to their account if they give their login information to a third-party app by handing over their password and username or even a login token. The same is true for any social media network. If you use a third-party app, like a social media scheduler, ensure it’s from a reputable source.

          • Check your accounts regularly for suspicious activity. Keep an eye on your social media accounts. Check in daily, if possible, to ensure your account hasn’t been compromised.

          • Train your employees. Give your employees regular training to help them spot a phishing attack before it’s too late. Review your social media policy and any up and latest threats on social with them. Keeping your team alert can go a long way toward protecting your accounts.

           

          For more information

          Stay informed about the latest cybersecurity threats and best practices by checking out the BBB business news feed today. Read more about recovering hacked online accounts with the Federal Trade Commission.

          Also, visit our BizHQ for more tips to help your small business grow and flourish.

          Still Need Assistance?

          Contact Your Local BBB

          Your local Better Business Bureau can assist you with finding businesses you can trust. Start With Trust®.

          General Inquiries:
          6336-684 (416)

          Additional Resources

          Additional Topics