After dealing with a significant variety of cases from our clients over the past six months, we have acquired extensive knowledge of how easy it is to recover a hacked account or take-down prohibited materials on the various social media platforms – including those frequented by children. I’m personally terrified at the ease in which a social media account can be compromised and, worse – a hacker can fundamentally lockout the original user. With some basic security settings, social media platforms can overcome these security vulnerabilities. I’ll explain in detail.
First, let’s look at the big social media platforms. I’ll reveal their failings, explain what they should be doing better and grant them for their current user-security measures.
Facebook is not as secure as you should believe
Facebook can be hacked quite easily. The only thing the hacker needs is the knowledge of your email and your password. The issue arises when users use the same password with the same email address on multiple online websites or services. It’ll only take one of these platforms to suffer a data breach, spilling your email and password to the highest bidders on the dark web. They can use this information to try and access some of the world’s most-used platforms like Facebook.
If a hacker is able to login into your Facebook profile, they can change both the password and the email of that account. However, Facebook will send the original email a message explaining what was changed and give you an option to secure your account. If you are unable to click on this specific link from Facebook within a few days, that link will be invalidated. So after a certain time, it will be near to impossible to get access to your own account.
If you are fast enough, you can let Facebook know that your account has been hacked. But it will take time to recover the account. Meanwhile, the hacker continues to have access, granting them rights to use your account in a number of ways, including:
- Download your entire Facebook profile history
- Download all your images and copy all your private messages
- Add or remove friends
- Change your profile URL
- Change your name
- Change your profile image
- Post scam-related articles on your Facebook profile
- Add a 2FA security code to your profile that only the hacker got access to
- Change your phone number connected with the account
We’ve seen several instances of the hacker trying to use the same passwords to access our clients’ email accounts. If they get access here, they can remove all emails from Facebook to help you recover your account in the future. They can also expedite changes to your profile.
It’s clear that Facebook is failing at protecting its users. We give Facebook a score of 3 out of 10.
Also read: How to recover a hacked Facebook account
What can you do to secure your Facebook?
Add 2FA (Two Factor Authentication) and choosing text messages as the way to verify your login. Then add 3 or more friends that you trust in trusted contacts. These can help you recover your account in the event of a hack. Ensure you use a unique password on Facebook and that it is not similar to your email password.
Snapchat is dangerous
Snapchat is used by many children, and that inherently makes it a particularly dangerous platform. We have had serious cases where children who are under the age of 15 have been hacked and had their nude photos leaked in an extortion attack. First off, talk to your children about NOT sending nude photos or sexual content anywhere on the web. Unless they’re educated on the matter, some children are unable to understand the consequences that some of their actions can have. Snapchat is known for “sexting” and that is why Snapchat is so dangerous.
If you don’t have Two-Factor Authentication on Snapchat, just knowing your email or username, and the password, is enough to take the account over. We have had clients that tried to follow the security alerts from Snapchat about unusual logins and the change of email and password, without any success.
If a hacker successfully targets an account with sensitive photos and videos, the situation can quickly escalate. Not only is this a serious crime committed by the hacker, but it can also have serious consequences for the person that is under attack.
Snapchat has an easy-to-use form for you to fill up and notify them if your account has been hacked. The issue is that it can take up to a week or two before Snapchat responds. That’s enough time for a total compromise of your account that’s unrecognizable from its original state. Your sensitive photos and videos can already be misused.
Snapchat receives a score of 1 out of 10 and is easily the worst social media platform for children.
Instagram is plagued by many of the same issues as Snapchat and Facebook. Bafflingly, the worst thing about Instagram is that there is no way to contact Instagram in certain cases where your account has been hacked. Instagram explains:
These instructions do not work in most of the cases where we have helped our clients re-take their Instagram accounts. It does not give an option like what Instagram has explained above. Is this just a temporary error? No, we found a different user who experienced the same problem a year ago:
Instagram has made it very hard to verify your own identity, which is strange as it is owned by Facebook.
On Instagram, users tend not to have very sensitive photos or videos, so we are rating Instagram to 2 out of 10.
Also read: How To Recover a Hacked Instagram Account
What features should these social media platforms implement to improve their security?
- The original verified email of the account should always have the privileges to reset the password and emails of the social media account.
- The original verified email of the account should be able to lock the account for a period of time kicking out everyone from the account.
- To change the password of an account, the user should have to verify this through email.
- To change the email of an account, the user should have to verify this through email.
- All social media platforms should make it easier to report a serious incident and have shorter response times.
- Should be mandatory to implement 2FA and verify their phone numbers.
We are certain that by implementing these six suggestions from us, these social media platforms will become safer to use for hundreds of millions of users everywhere.