With Facebook presence now playing such a crucial role for Clubs in connecting with patrons, keeping your Meta account secure is paramount. There are many businesses in Australia with horror stories about losing the ‘Admin Rights’ to their Meta Accounts from phishing scams and having to start a new Facebook page or run the gauntlet of Facebook’s “customer support service” which can result in losing faith with all humanity. Therefore, this industry needs a timely reminder about phishing scams and how you, and everyone on your team, can protect your Facebook and Instagram accounts.
What is Phishing?
Phishing, pronounced the same as the fun recreational pastime ‘fishing’, is a sly attempt by scammers to trick you into revealing sensitive information, like your login credentials, through deceptive emails, messages, or fake websites. Their goal? Gain access to your Facebook account and wreak havoc – from spamming your followers to jeopardising your business reputation.
Spotting the Signs:
• Suspicious Senders: Be wary of messages from unknown senders or emails with misspelling and odd formatting that mimic official Facebook addresses.
• Urgency Traps: Don’t fall for messages pushing a sense of urgency, like “Your account is at risk! Click here to fix it!”
• Requests for Personal Info: Facebook will never ask for your password or sensitive details via email. Be wary of such requests.
• Dubious Links and Attachments: Never click on links or opening attachments in unsolicited messages, even if they appear to be from “Facebook”.
• Messenger Panic Message: Avoid clicking on links or opening attachments in unsolicited Messenger messages, even if they appear to be from Facebook. Always check the account or person they have come from carefully.
Any correspondence from Facebook or Meta will only come from one of these accounts:
• fb.com
• facebook.com
• facebookmail.com
• instagram.com
• meta.com
• metamail.com
• support.facebook.com
Fortifying Your Defences:
• Scrutinise Every Message: Don’t skim quickly, double-check email addresses and sender legitimacy before interacting.
• Strong & Unique Passwords: Create unique, complex passwords for your Facebook account (and all your online accounts!). Password managers can be helpful.
• Two-Factor Authentication (2FA): This extra layer of security requires a login code when accessing Facebook from an unrecognised device. Enable it!
• Security Checkup Tool: Utilise Facebook’s Security Checkup to review your account settings and strengthen security measures.
• Educate Your Team: Share this information with everyone who has access to your Facebook account.
• Become verified: If you have the budget, verify your personal account , it’s an extra layer of security and support if and when you need it.
• Keep everything updated: From your advertising account to your profile picture, keep your personal account up to date and active.
If your Facebook account is compromised, here’s what to do:
Unfortunately, sometimes things happen. If you are the victim of a phishing attack, it’s important to take the following steps as soon as possible.
• If you can’t log in to your Facebook account, report it as compromised.
• If you can log in to your Facebook account:
1. Reset your password. If you accidentally entered your username or password into a malicious link, someone else might be able to log in to your account. Resetting your password helps prevent unwanted logins.
2. Go to your Facebook account and remove any unauthorised logins/devices that are signed in to your account.
3. Review your activity log to determine if you’re following any unwanted accounts. Unlike any Pages that you didn’t select.
4. Check recent emails sent by Facebook to determine if there are any issues with your account.
5. Review your Facebook Feed to determine if the attack resulted in unwanted/inappropriate posts. Delete any posts that you or someone associated with you, didn’t post. To report a post and delete it from your Feed, click the three dots located in the top right-hand corner …, then click Report post.
6. For business accounts, contact Facebook’s Support team by opening a case through Business Support Home or the Business Help Centre (“Get support”).
7. Access Facebook directly through the addresses listed in the Help section of your account (don’t use any addresses in the questionable email message).
Stay Secure, Stay in Control
By implementing these safeguards and fostering a culture of awareness within your team, you can effectively shield your Facebook account(s) from phishing attacks and maintain control of your online presence.
If you’re looking to develop a social media strategy for your Club, or just need help ensuring your social media accounts are secure, get in touch with our Social Media Guru, Lauren, via email at lauren@dws.net.au to coordinate a no obligation discussion today.
