Why Every Creator Needs A Social Media Fail-Safe Plan (And How To Create One)

Are you worried about all of the attempts to hack your social media accounts?
A single hack can wreak havoc on your business if you don’t have the right systems in place.
In this post, we share tips on how to prevent hacks as well as how to minimize their effect.
Why influencers need a fail-safe plan for social media
Cybersecurity is a weird topic. It’s a huge threat we all face, even those of us who don’t go online, and yet, it’s hardly talked about outside of the tech niche.
Unfortunately, influencers of all sizes are in danger of being hacked at any moment. Threats happen all the time, and a successful hack causes more problems than simply not being able to post videos for a little while.
Hacks have the potential to harm your businesses and your followers because they can go undetected for quite some time.
Hackers may impersonate you to siphon sponsorship money to themselves, or scam your followers into clicking malware links.
Why do hackers target influencer accounts?
Hackers may spend more of their efforts targeting influencer accounts over celebrity accounts, and it’s not only because they assume influencers are more reckless with their accounts.
There are clear differences between influencer accounts and celebrity accounts.
For one, celebrity accounts are personal and more for marketing than anything else. They perform their work outside of social media and only come to social media for fun or to expand their online presence.
An influencer’s business, on the other hand, depends on social media.
The other clear difference between influencer accounts and celebrity accounts has to do with the major difference between influencers and celebrities in general.
Influencers grow an audience by creating content exclusively for social media, so they often have deeper connections with their audiences than celebrities do with their fans.
These differences are what make influencer accounts targets for hackers because once a hacker is able to achieve the hack, they can scam the businesses the influencer works with, creators they’re friends with, and their followers.
The higher the follower count, the more potential hackers have to achieve scams and distribute malware links, especially if the account is verified.
Some hacks come with an agenda. A hacker may hijack a large influencer account to spread propaganda or hold it for ransom money.
Other times, hacks are targeted. An influencer may have social media users who dislike them (“haters”) or even a few enemies who want to see them fail.
Times when creators were hacked
One of the biggest hacks of an influencer happened to Linus Media Group who run the YouTube channels Linus Tech Tips, TechLinked and Techquickie.
The hacker was able to take control of all three YouTube channels by hijacking browser session tokens, which allowed them to bypass security protocols like entering login credentials and passing two-factor authentication.
According to the frontman and namesake of Linus Media Group Linus Sebastian, the hacker was able to achieve this hack through a malware-ridden PDF file that claimed to be a sponsorship offer from a potential partner.
The hack was able to occur because the PDF file was downloaded from an email on a computer that was also signed into the Google account that’s connected to the company’s YouTube channel.
Before the account was secure, the hacker was able to stream crypto scam videos live to over 15 million followers, change the names of the channels and delete videos altogether.
These types of hacks aren’t new, unfortunately.
In 2018, Vice published a story on how Bitcoin scammers were able to hijack smaller influencer Instagram accounts and hold them ransom in exchange for Bitcoin.
One victim was actor and businessman Kevin Kreider who was a fitness influencer with 100,000 Instagram followers at the time.
Like Linus Media Group, Kevin opened an email from a potential sponsor on his phone while he was at the gym. The email contained a cloaked scam link.
When Kevin clicked the link, he landed on a page that stole his login credentials for Instagram. Once hackers hijacked the account, they contacted Kevin again with a demand for $100 in Bitcoin.
They deleted his account, anyway, even after he paid, but fortunately, he was able to gain control of it again with help from Vice.
One influencer from the story never regained access to her account. One sent small amounts of Bitcoin to the hacker while her tech-savvy friend recovered her account. A third influencer only regained control after her followers pressured Instagram to step in.
A story from vice the following year explained how some influencers had to rely on the actions of white-hat hackers in order to regain control of their accounts due to inaction from Instagram themselves.
These white-hat hackers are able to “hack the hackers themselves” and hold their own accounts ransom until the black-hat hackers restore access to the original owners of the accounts.
How to secure your social media accounts
The most basic way to secure your social media accounts is by using a strong password and avoiding using the same password for multiple accounts.
You should also avoid reusing old passwords.
In fact, many tech experts recommend not using a common security protocol many companies use that require employees to change their passwords periodically, such as every month.
Tech experts say all this does is encourage people to reuse old, familiar passwords while only changing one thing, such as the number or punctuation mark used.
If you decide to use a password manager, do so carefully by following a few simple security tips:
- Secure the file that contains your access key.
- Don’t save credentials for your email accounts to your password manager.
- Have separate passwords for your email address and password manager.
By not saving login credentials for your email accounts to your password manager, you increase their security by making it harder for hackers to initiate account takeovers by hacking your password manager.
In this case, while they may have the login credentials for your social media accounts, they still need to pass two-factor authentication, which isn’t possible if they aren’t able to control your email address and phone number.
Speaking of, you should also enable two-factor authentication for every social media platform you’re a part of and use secure devices.
This may include having multiple devices so you don’t open emails on the same device that manages your social media accounts.
Keep your device and all apps up to date as well.
Choose your cellphone carrier carefully to avoid a potential hack called “SIM swapping.”
With this hack, hackers are able to transfer your phone number from the SIM card in your phone to one they control.
You should also minimize the number of accounts that are associated with your phone number. At minimum, use separate devices and phone numbers for your business and personal life.
You can also keep a burner phone handy or use a temporary phone number service for innocuous things like when websites or apps want to verify your humanity by sending you text codes.
Since these aren’t necessarily websites and apps you plan on visiting on a regular basis, you shouldn’t give them your primary phone number.
If you learn about a potential security breach of your account or a social media platform you use, change your passwords immediately.
Finally, delete accounts you no longer use, even old email accounts.
Dormant accounts are common targets for hackers because the hacks often go undetected, and those accounts may hold crucial personal data.
What to do if you get hacked
Here are signs that you’ve been hacked:
- You cannot log into your account.
- You get a notification about a change to your account you did not make.*
- You receive a login notification from a device or location you do not recognize.
- Your family, friends, followers and fellow creators tell you they’re getting suspicious messages sent from your account.
- Your account publishes posts you do not recognize.
*If you work with more than one person who has access to your accounts, check with them first to see if they made the change.
If you’re experiencing any of these signs, you’ve probably been hacked. Here’s what to do:
First, if you are able to log into your account, make sure the only email addresses and phone numbers associated with it belong to you. If so, change your password.
Unfortunately, a successful hack locks you out of your account. Since it may have occurred from malware, try to secure your devices. If you’re using Windows, Android or macOS, use a software like Malwarebytes to scan for and remove malware.
iPhones are harder to infect, so you should be okay if you use one. If you’re unsure, make sure your device and apps are up to date, then clear your cache.
You should also remove suspicious apps you don’t recognize. A worst case scenario involves you factory resetting your phone, having it looked at by Apple support or replacing it.
Reset your device after removing malware before you attempt to recover your account.
Unfortunately, each social media platform has different protocols for account recovery:
You might also enlist the help of a cybersecurity company to recover your account. They can also assist with securing your accounts before and after you’ve been hacked.
Just make sure you do thorough research to prevent your account from being compromised by hackers posing as cybersecurity firms.
Approaching potential sponsorship deals cautiously
Since the majority of these hacks occur from hackers posing as potential sponsors, you may be a little worried, especially if you’re trying to land your first sponsorship deal and don’t have many options to choose from to begin with.
Whatever you do, don’t be quick to click a link or download a file from an email address you don’t know.
Use a tool like NordVPN’s link checker instead. The tool also has a file scanner.
Your email provider should have a file scanner as well. You can also ensure you have antivirus installed as it’ll scan files for you automatically.
Again, make sure you are not logged into your social media accounts on the same device you use to click a sponsorship link or open a sponsorship file.
If you’re really unsure, you can always transfer the file to a USB drive and open it on a device that’s not connected to the internet or logged into anything.
A more technical approach would be to set up a virtual machine on your computer and open the file from there.
Making sure you have multiple communication channels
One problem with social media, email and phone number hacks is how crucial each one is for communication.
Many influencers likely only communicate with brands through direct messages on Tiktok or Instagram. So, if your account gets hacked, you lose the ability to communicate this with the brands you work with.
This is why it’s so important to not only establish multiple communication channels for the people you work with but also ensure you operate your email accounts and social media accounts on different devices.
Again, not sharing passwords or the same password manager between your email and social media accounts is important as well.
How to secure your content
Even if you recover a hacked account, there’s no guarantee that you’re going to be able to recover any content the hacker deleted.
So, before a hack does occur, take the time to secure your content.
You can get as simple or as technical with this as you want.
The simple route would be to upload copies of images and videos you post to a cloud storage solution like Dropbox, Google Drive or OneDrive.
If you want to keep local copies as well, connect a NAS (network attached storage) device to your computer.
This may require acquiring a computer if you only manage your business with your smartphone and laptop, but it’s worth it for the extra layer of security in case something happens to your social media accounts and your cloud-based backups.
How to retain your audience through a hack
One of the biggest fears influencers have about getting hacked is losing access to the following they’ve built.
Larger creators have fans that’ll follow them anywhere. Smaller influencers, on the other hand, are notorious for only building a following on a single platform.
That’s why the simplest way to ensure you retain at least some of your audience through a hack is by making sure you have an audience on other platforms.
If your Instagram gets hacked, you can keep your audience informed on TikTok, and vice versa.
Even if you don’t have the time or resources to create unique content for each platform, you can still repurpose content from your main platform to other platforms.
Use a social media scheduler like SocialBee to cross post to multiple platforms at once.
Lastly, consider building an email list with a tool like MailerLite. It’ll give you a way to stay in touch with your audience that’s independent of a social media platform you don’t control.
Establishing multiple and versatile revenue streams
Yet another drawback of social media hacks is the potential for you to lose access to your biggest revenue stream.
To prevent a hack from impacting your finances too much, make sure you establish multiple revenue streams for your business.
Sponsorship deals are great, but you should also earn revenue through ads, affiliate marketing, merch and even your own products.
Making these revenue streams versatile is as simple as ensuring you don’t link a single one to a specific platform (except ad revenue, of course).
Promote affiliate links, sponsored products and your own products to every platform you publish to. This ensures you at least retain one or a few revenue streams even if one of your accounts becomes compromised.
Preventing collateral damage
Collateral damage is all of the additional things that can become compromised if your social media accounts get hacked.
These include your email accounts and bank accounts.
To prevent collateral damage, follow these security protocols:
- Use a dedicated bank account for sponsorship deals.
- Use separate, secure email addresses, passwords and phone numbers for your business and personal accounts.
- Monitor financial activity.
Winning back trust
Even if you recover your accounts, there’s no guarantee that your followers, sponsors and fellow creators will trust you again.
This is why videos like the one Linus made after his company’s hack is so important.
Not only did he provide all details on what the hack entailed, he explained what went wrong, admitted fault, didn’t place the blame on anyone but himself, and explained what changes his company will make to prevent hacks like this from occurring in the future.
Followers are very understanding. Your fellow creators will understand as well since they likely face the same threats.
Sponsors, on the other hand, may not be willing to work with you in the future.
If you lose sponsors, don’t get discouraged. The best way to fight bad PR is by overshadowing it with good PR.
So, once your accounts are secure, continue putting out good content. You’ll gain new followers by sharing your experience, and soon, this hack will be nothing but old news.
Disclosure: Our content is reader-supported. If you click on certain links we may make a commission.