• Social Media Management & Crisis Recovery

Recovering from the Worst: What to Do When Your Social Media Channel is Hijacked

  • Felix Rose-Collins
  • 5 min read
Recovering from the Worst: What to Do When Your Social Media Channel is Hijacked

Intro

For a social media marketer, there’s probably nothing worse than finding one day that you’ve lost control of your social media channel. One day your channel is giving you good interactions with your customers, providing them with valuable information, and building a real, trusted relationship.

The next day you awake to find that someone has taken over that trusted channel and is using it to spread spam and viruses, insult your company and customers, and sometimes even post and disseminate offensive materials.

The reality is that this can and does happen. Some big companies like Fox News, the Obama campaign, and even Sesame Street have seen their social media channels hijacked.

It doesn’t make sense to stay up nights worrying about this happening. But if it does happen, knowing what to do can help cut through the panic and lost feeling that events like this can cause.

As someone who’s handled major incidents like this, I can tell you that recovering your social media channel and working to restore your trust consists of a few simple but key steps. If you take time now to learn these and build a recovery plan before this happens, you have your answer to the first question that arises when this happens: what do we do now?

Assess the situation

Your first step is to assess the situation and understand what you’re dealing with. What channel was hijacked? Were any others hijacked?

What’s being done on your channels? Build up a list of what’s been compromised so that you can use that to systematically guide your recovery efforts. You can make your list on Google Spreadsheets or Zenkit which can both be shared with your team.

Meet Ranktracker

The All-in-One Platform for Effective SEO

Behind every successful business is a strong SEO campaign. But with countless optimization tools and techniques out there to choose from, it can be hard to know where to start. Well, fear no more, cause I've got just the thing to help. Presenting the Ranktracker all-in-one platform for effective SEO

We have finally opened registration to Ranktracker absolutely free!

Create a free account

Or Sign in using your credentials

share

Update and clean your systems

Before you work to regain control of your channels, you want to make sure that the systems that you use to manage those channels aren’t used to re-take control away from you.

Some hijackings occur because of viruses on your systems, so the next step is to update, scan, and clean your systems. These are things you want to always be doing on your systems, so if you haven’t been doing these two things, make sure you make them a regular practice.

  1. Ensure systems that access your channels have updates for all software: viruses often spread through known security issues in software, so make sure you’re fully up-to-date for software updates on the systems you use for social media. Microsoft and Adobe products and Java are particular favorites for attackers. All of these have “auto-update” capabilities so make sure you’ve enabled those features.
  2. Update your antivirus and perform a full scan of your systems: Running a full antivirus scan will identify and remove any viruses that may have stolen your account information and been used to hijack your channel. There are also online security solutions to check out.
  3. Use AI-driven security software that can prevent many of the issues or alert you instantly. Hari Ravichandran’s podcast talks about these in much detail.

charts

Regain control of your social media channel

Now that you understand the scope of the event, and have cleaned your system you can start your recovery efforts. You want to regain control of all the channels that have been hijacked and take steps to better protect your access to ensure you retain control. Each social media site has different options for account hijacking recovery, so go to the “help” section for the relevant sites and follow the instructions for regaining control of your account.

Some sites offer expedited account recovery options that you can set up ahead of time: use those if you’ve set them up. If you haven’t already, you also want to go ahead and implement enhanced security where you can to help you retain control. Specifically, look to implement these options where you can:

  1. Implement a strong password (this Microsoft guide can help you build a strong password)
  2. Implement security questions that are hard to guess or answer through research on the Internet (e.g. don’t use your high school name if it’s on your LinkedIn profile)
  3. Configure the site to use a secure connection (HTTPS) where available
  4. Utilize two-factor authentication where possible
  5. Double-check any third-party access to your social media accounts. Platforms like Linktree and Hootsuite are not 100% safe from hijacking.
  6. Other third-party solutions like cloud-based phone systems and CRMs should be audited as well. Most of these allow two-factor authentication as well, so go ahead and enable that.

Notify your customers

When something like this happens, it happens in full view of your customers, so transparency is the rule. Your customers can see that your channel has been hacked: don’t try to cover it up.

Once you’ve gained control, use your channel to let your customers know that your channel was hacked but that you’ve regained control. Sending out a newsletter is another good idea. You want your customers to double-check that their own data is secure.

Apologize and let them know that you’re working to address the issue and take steps to ensure it doesn’t happen again. Your tone should be contrite and factual. Be concise and clear. If this is a complex or ongoing situation, go early with a message showing you’re in control and handling the situation and follow up later with more details.

Every company that has followed this playbook for communications has come out of these situations with credit for their handling of the situation. Depending on the complexity and severity of the issue, you may also want to consider bringing in expert help around communications in online security and privacy incidents.

Clean up your social media channel

Once you’ve taken control of your social media channel and the situation by communicating with your customers, you can focus on “clean up”. What you do here will depend on what your attacker did with your channel while they had control. Quite simply, you want to undo as much of what they did as you can.

Meet Ranktracker

The All-in-One Platform for Effective SEO

Behind every successful business is a strong SEO campaign. But with countless optimization tools and techniques out there to choose from, it can be hard to know where to start. Well, fear no more, cause I've got just the thing to help. Presenting the Ranktracker all-in-one platform for effective SEO

We have finally opened registration to Ranktracker absolutely free!

Create a free account

Or Sign in using your credentials

Here too, you may want to consider bringing in expert technical resources to identify and undo all the damage to your channel. Clean up can be a lengthy process but it’s important to take the time to do it right and remove all traces of the attacker’s malicious activity. Consider using a tool that can help you monitor all your social media accounts from a single dashboard.

Following these steps will help you regain and retain control over your social media site after a successful hijacking. But while the goal is to undo what the attackers did to your site, once you’ve accomplished this, then the hard work begins: working to rebuild trust with your customers.

Don’t underestimate the urgency of regaining control of your social media account. Hackers can access and use the private information you have saved there for ecommerce fraud or “friend in need” scams. So don’t wait.

Meet Ranktracker

The All-in-One Platform for Effective SEO

Behind every successful business is a strong SEO campaign. But with countless optimization tools and techniques out there to choose from, it can be hard to know where to start. Well, fear no more, cause I've got just the thing to help. Presenting the Ranktracker all-in-one platform for effective SEO

We have finally opened registration to Ranktracker absolutely free!

Create a free account

Or Sign in using your credentials

reported fraud

According to ftc.gov, the most money was reported lost to fraud originating on social media

A key step in rebuilding that trust is taking steps to ensure that a situation like this never happens again. Implementing these online security practices can help.

Of course, there’s no reason not to take the time to review these steps today, build a plan to handle this situation should it arise and most of all, implement these online security practices now before something bad happens.

Felix Rose-Collins

Felix Rose-Collins

Ranktracker's CEO/CMO & Co-founder

Felix Rose-Collins is the Co-founder and CEO/CMO of Ranktracker. With over 15 years of SEO experience, he has single-handedly scaled the Ranktracker site to over 500,000 monthly visits, with 390,000 of these stemming from organic searches each month.

Start using Ranktracker… For free!

Find out what’s holding your website back from ranking.

Create a free account

Or Sign in using your credentials

Different views of Ranktracker app