How Social Marketers Can Keep Brand Accounts Safe From Malicious Activity
By: Sophie Maerowitz
April 10, 2019
Marketers often focus on the “fun” side of social: the stories, images and conversations that bring a brand to life. Unfortunately, darker forces also exist. Brands now face a number of adversaries; from account hacks to bot attacks. Sometimes, brands are their own worst enemy, violating federal regulations that a social marketer may not have been aware of.
Luckily, technology continuously evolves to meet these challenges, including the Digital Risk suite offered by cybersecurity company Proofpoint. The Shake-Up sat down with Proofpoint’s manager of product marketing Roman Tobe, who will speak on social media crisis management at The Social Shake-Up May 6-8 in Atlanta. Tobe shared some of the biggest social media risks facing brands in 2019, as well as steps marketers can take toward addressing those risks.
Social Shake-Up: Tell us about your work at Proofpoint. What are some recent successes or challenges you’ve overcome for clients?
Roman Tobe: I work on the Digital Risk Protection team, and we’re tasked with monitoring and protecting against threats that live beyond a company’s internal IT network. That includes social media, web domains, mobile apps and the deep and dark web.
The common thread between our successes has been providing visibility into digital channels. Most brands do not have the time or technology to monitor, classify and organize all the digital threats they face. It’s simply too big of a job for a company to take on itself.
Energy companies want to know about potential threats to their facilities. Retail brands need help identifying counterfeit websites. Banks are concerned about social media phishing scams. Across the board, companies need help identifying fraudulent executive social media profiles and accounting for any physical threats to their key people.
In many cases, a company starts with a specific need or threat they need help protecting against, and we can offer visibility into the entire attack surface. That changes their outlook and priorities when it comes to digital risk protection.
SSU: Let’s talk Facebook. In recent years, data leaks, privacy concerns, fake accounts and fear that advertising dollars will not make up for lost engagement have plagued the social media giant. Is it safe for brands to be on the platform?
RT: Yes, but I would advise brands to engage on Facebook with eyes wide open. If brands have a plan in place for their content and account protection policies, they can engage on Facebook with a sense of security.
It helps to have a governance policy and guidelines that social marketers can refer to when engaging on the network. At Proofpoint, we help apply those guidelines with enforceable content policies to use on a given network. For example, many brands on Facebook do not know they can remove unwanted comments from their posts. We can automate content remediation if a comment—or even a post from the brand itself—violates one of the hundreds of available content policies we craft for companies. This would automatically remove negative language, hate speech or, in extreme cases, the posting of regulated data such as social security numbers, email addresses and phone numbers.
What are some ways brands can ensure they keep their social accounts safe from hackers, reputation risks and other threats?
RT: The security protection provided by social media networks is not enough. Additionally, as brands see turnover and on-board new employees, passwords are shared, and former employees retain access to social media accounts. Facebook links admin accounts to personal accounts. Companies must ensure corporate and personal password management policies are in place.
The reputational risks are high. We recently caught a social media account hack in-progress where the attacker tried (but failed) to change all links and the bio to racist messages. They gained access using a social marketer’s personal password, but were stopped from making any changes due to our product. If the brand had not installed security technology on top of the network, these incidents could have drawn nationwide attention and hurt the brand.
SSU: What are the most important legal frameworks and regulations for social marketers to be aware of? Which industries are most affected by regulation on social media?
RT: Companies in financial services, healthcare, energy and the pharmaceutical industry have several regulations social marketers need to be aware of and have a plan for. The most heavily monitored industry is that of financial services. The finance industry has numerous regulatory entities including FINRA (Financial Industry Regulatory Authority) and the SEC (Securities and Exchange Commission), which monitor for compliance violations that can negatively impact their organization.
Regulators look for social media communications to be fair, balanced and not misleading (FINRA 2210). Imagine a financial advisor promising big returns on investments on social media. Financial services need technology in place that can act as a virtual compliance officer, so their brand and sales teams can engage and sell on social media without the worry of raising regulatory red flags.
SSU: Cybersecurity is a major threat on social media. How can social marketers keep themselves safe?
RT: It starts with education and knowing the risks. Social marketers may not be aware that bad actors are trying to gain access to their personal or corporate accounts. These bad actors might also create fraudulent accounts mimicking a brand with the intent of defrauding their customers, or reply to company posts with malicious links. Social marketers must reach out to their security team to get this activity on the company radar. Create a social media and digital security task force, and make sure there are several stakeholders involved in proactive security measures. Social media accounts are becoming invaluable assets. Companies cannot do without them. Adding security measures to these channels helps keep brands safe, helping to ensure they make the news for all the right reasons.
Connect with Roman on LinkedIn.