It’s Monday morning. You open your organization’s Facebook page and discover there’s a post you don’t recognize and didn’t publish. You try to remove it and realize your administrative rights have been revoked. It gets worse – you see there’s an ad running from your page, and your credit card is racking up the charges.
It’s the stuff of nightmares, right? It’s also one of the greatest fears of every social media manager.
When a page is hacked, it puts your brand and its reputation at risk, could lead to fraudulent charges, and completely shuts down that marketing channel until you get your access back. In addition, Meta support can be very difficult to deal with. Bottom line: these types of situations will leave you feeling helpless, anxious and afraid of the long-term consequences.
Here are a few tips that may help you mitigate your risk and help speed up the recovery process if you ever find yourself in this situation:
Do the people who have admin roles actually need access to your page? If not, remove their access. Every person who has a page role is a potential entry point for a hacker to gain control. You should definitely not have old employees as page admins.
Pro tip: Keep a record of your admins on your computer somewhere. If you get hacked, you won’t be able to see who has access anymore.
Make your page admins understand the connection between their personal profiles and the business page. If they see something funky happening with their personal Facebook profile, they need to understand the implications that can have on your business page.
For example, if they are suddenly locked out of their personal Facebook page, this could mean someone hacked their profile and updated the password. As an admin on the business page, the hacker now also has access to the business page.
Make it a requirement that all page admins use 2FA for their personal page and make sure they understand how it works. In most hacks we’ve seen, the personal profiles that were hacked did not have 2FA set up.
Keep a record of what credit cards you have associated with your Facebook ad accounts. If your page ever gets hacked, you won't be stuck trying to figure out what card was linked to the account. The sooner you freeze the card, the less damage (financially) can be done.
If you realize you’ve been hacked, report it immediately through the channels you have available. Depending on the size of your social media program (and your advertising budget), your options for doing this will vary.
Larger businesses or agencies often have access to chat support or a Meta Support Pro. Smaller businesses may not have this access and will have to rely on reporting the hack through the Help Center.
If you have connections with someone who has a dedicated Meta Support Pro or chat capability, see if they’re willing to help you. It will speed things up.
Once you report the hack, make sure you keep a record of your support case number and the conversation itself. Follow up regularly, and request phone calls whenever you can. Fingers crossed, one day you reach a kind Facebook employee who takes pity on you and gives you some actionable answers.
Hacks are stressful and scary. But by taking a few steps now, you can mitigate your risk and speed up the recovery process.
May the odds be ever in your favor!
Let the MindFire social team take the pressure off your social media marketing - contact us to see how we can help!