The Worst Content Marketing Is What Everybody Else Is Doing: How to Get Ahead and Stay ThereContent Marketing Minds: Ingredients of the Tastiest Content [Nutrition Label]From the Corn Field to the Digital Era: Content Marketing Starts with TrustContent Marketing: Is 2014 Really Shaping Up to Be the Year of Video?
Your Customers Aren’t Listening! How to Create Consumer Dialogue that Converts4 Tools for Nonprofit Social Listening and Reputation ManagementThe Promising Role of Social Listening in Treating Health IssuesThe Importance of Social Listening for Brands
- Public Relations
Facebook Testing a Way for Users to Buy Products on the PlatformRise of Social Media in Ecommerce [INFOGRAPHIC]How eCommerce, Augmented and Virtual Reality Will Redefine the Retail ExperienceSearch Query Analysis to Increase eCommerce Website Conversions
- Content Marketing
Technology & Data
Social Startups: Bizible Connects All the Dots from Marketing Contributions to RevenueCreating the Perfect Profile for Your Social Media Marketing EffortUsing GPS and Localization for Social AnalyticsAnalytics and Prospect Intel: Discovering Your Ideal Prospect
- Big Data
- Tech & Innovation
3 Security Risks You’re Taking Every Day While Using Social MediaShould the President Have the Power to "Pull the Plug" on the Internet?How Safe is Your WordPress Website From Hackers and Other Malicious Attacks?
- Software & Tools
- Small Business
- Social Organization
Celebrating the Grand Re-Launch of Social Media Today! SBH Podcast Episode 8Why Should You Care If Your Employees Are Thought Leaders?Beyond Engagement: The Art of Managing Social-Media Risk in Employee Advocacy
Why All-in-One Social Media Management Systems Don't Cut It for Social Customer ServiceWhat You Should Know About Customer, Digital, and Contextual ExperienceSurging into Q3: How to Make It Better Than Q2Is How You Serve Your Customers Costing You Business?
Join us September 15th in Atlanta for The Employee Advocacy Summit and learn how to unleash the power of your employees.
Post your event here and we'll share it with our community. If one of our members is featured, we'll promote as well on their profile.
- Marketplace & Webinars
The SMT Marketplace
Your resource for exclusive content and insights from Social Media Today, and opportunities to reach our community of professionals.
The Social Business Book Club brings you books, discussions, and insights from today's to business thought leaders.
Join interactive talks and and panel discussions with leading thinkers and practitioners on social media and networked business, or browse the catalogue of recorded sessions - all completely free.
Reach Social Media Today's community of marketing and communications professionals in an editor-approved context with a native advertising package.
First Aid for Twitter Hijacking
Posted on March 4th 2013
It feels as though February was a bumper month for company Twitter hijacking. Burger King and Jeep both suffered high profile attacks. Scottish Power customers received phishing emails and French news agency APF’s photo feed account @AFPphoto was taken over by pro-Syrian lobbyists.
It goes without saying that speed is of the essence to defend your brand against a similar attack. Here’s our cut-out-and-keep guide to Twitter hijacking:
Update 2 May 2013: In the light of the recent spate of high profile media hackings, Twitter has issued advice for the media, which where appropriate, I've incorporated into this guide.
Prepare to protect your company Twitter account
- Keep your password strong and secure and change it regularly. How strong? Minimum 20 randomly generated characters including numbers, punctuation and uppercase. Nothing linked to the account please, like ‘MyC0mpanYPa55W0rd!’). Never email your password. Use a secure log-in (we use OneLogin and GroupTweet) so you don’t have to share the password. Change it every few months.
- Using a Password Manager integrated into your browser can help prevent
successful phishing attacks and will allow you to use very strong passwords which can't be memorised. Third-party solutions such as 1Password or LastPass, as well as the
browser’s built-in password manager, will only auto-fill passwords on
the correct website. If the password manager does not auto-fill, this
might indicate a phishing attempt.
- Never send logins via email. even internally. Use the phone or IM instead.
- That being said, Twitter uses email for password resets and official communication.Keep your email accounts secure. If your email provider supports two-factor authentication, enable it. Don't use the same passwords for email as for anything else.
- Remember which email address you are using with the account at https://twitter.com/settings/account, and keep it secure.
- Get a mobile/cell number associated with the account via the profile settings and verify it. Consider using the new two-step authentication process offered by Twitter (read eModeration’s view on it here).
- Watch your output. Stating the obvious, but make sure that you have a column open watching your feed and that it is monitored as close to 24/7 as you can get.
- Have an escalation process in place with 24/7 contacts and ensure it is available to all who may need it. Keep it updated!
If your Twitter account has been hacked
1. Accounts which don’t pay for promoted Tweets
- Change your password immediately, if that’s still possible.
- If you can’t log in to change it, then request an email from Twitter via the password resend form, which will give you the opportunity to reset it. Be sure to use the username and email address associated with the account.
- Lost access to the email account associated with the account? Try entering the phone number you had verified in that form instead to reset it via SMS.
- If you've lost access to the email address that's linked to your Twitter account and haven’t got a phone number associated, you can try contacting your email service provider to try and regain access. Here are contact links to common email providers.
2. Accounts which DO pay for promoted Tweets
- Follow all the steps to try to change the password – but with your other hand, immediately file a report here: https://ads.twitter.com/login/?help=please. Be clear about the name of the company Twitter account and the severity of the hijack.
- Contact your account manager at Twitter who will call the tech teams to shut down the page.
- Follow the escalation plan you have in place which will give you the process and 24/7 contacts for clients (if you are an agency), management, legal, social media team and PR.
After you have control again
- Put out a statement alerting the public to the hacking and misinformation, with an apology to the community.
- Delete the errant tweets and pictures.
- If humour is at all appropriate, then it’s an effective method to get the crowd back on your side.