Social media hacking is the most common cyber-dependent fraud, reported to Action Fraud. On top of this, a 2022 report from the National Cyber Security Centre found that social media hacking increased by 25%, and cyber crime overall grew by 40%.
It’s also important to remember, the true scale of social media hacking is likely to be far greater than the reported figures.
Business social media accounts are often targeted for multiple reasons. Firstly, hackers know they may not have secure passwords and possibly won’t have two-factor authentication set up. And secondly, holding a business’s social media accounts to ransom, or stealing their data, can be lucrative. One hacked account compromise can spiral into dozens more victims via ‘chain hacking’.
Young people under 30 make up the highest proportion of victims reporting to Action Fraud, with those at the higher end of the age bracket also being more likely to be a victim of investment fraud.
Action Fraud also found that there has been an increase in AI deepfake technology being used in hacks - and this will only continue to rise as AI quickly becomes more sophisticated, with easier access.
DI Dan Giannasi, head of cyber and innovation for the NWCRC, said: “We are seeing a large increase in the reporting of social media hacking recently, so we really need to spread awareness to our business community.
“It’s so important for businesses to make sure that all of their employees understand how to spot phishing or hacking attempts, as just one click can take down your social media account.
“Being hacked can seriously affect a business’s reputation and trust with their customers, which can be very difficult to win back. For small businesses like sole traders or freelancers, who rely on social media to operate, it can be devastating to lose your network of contacts and marketing opportunities. Protect your reputation - and your social media accounts - at all costs.”
Our advice on protecting business social media accounts from cyber criminals is:
Ensure two-factor authentication is enabled on all accounts.
Use three random words to generate a complex and unique password for your social media accounts. Consider using a password manager to ensure security around team members using one password.
Ensure all team members can recognise phishing links, and be very cautious around clicking on any links in social media posts or DMs.
If one employee leaves, ensure that you change the passwords to your business social media accounts to prevent accidental password leaks or even revenge posting.