top of page

Cyber security tips you’ll like to follow for social media

World Social Media Day (30th June) recognises social media’s impact on global communication and to bring the world together to celebrate it.

Social media has transformed the way we as businesses engage with our audience, providing a great platform for marketing and brand promotion. It has helped Welsh businesses and organisations to connect with customers, giving access to wider audiences, bringing opportunities to extend our reach, greater accessibility, cost efficiency, brand awareness and informing and developing our marketing strategies.

But have you ever considered that these accounts could be subject to an attack by cybercriminals? We need to be alert to the dangers of account compromise and prevent opportunities to be exploited whether it is Instagram, Twitter, LinkedIn or Facebook accounts.

We have seen examples of businesses that have had their social media accounts compromised, with the cybercriminal changing the email address and phone number to lock them out. They then have the opportunity to blackmail you, requiring a payment in order for your account to be returned.

If your account is compromised, then your social media can be used to post unwanted content, to add malicious links, send out spam, all of which damage your reputation and can erode customer trust in your services or products. Losing control over your messaging, content or engagement with your audience can have significant negative consequences on your business.

So how can you, as a business protect, yourself from the cyber risks?

Strong passwords: Create unique, complex passwords for each social media account. The National Cyber Security Centre (NCSC) suggests using three random words with a combination of uppercase and lowercase letters, numbers, and symbols.

Monitor your account activity: Stay alert to any unusual activity, such as an unexpected post or failed login attempts. If you have any concerns as to your account being compromised, then immediately change your password.

Watch out for phishing scams: We often discuss phishing emails, but they also happen on social media. The same rules apply, so don’t click on unknown links and don’t reveal personal information. Did you know that quiz posts can be designed to steal personal information that can be used as the basis of an attack.

Say “no” to unknown friend requests: consider why the friend request is being made, do you know the person. It could be from a fake account designed to gather information for the purpose of cybercrime.

Two-factor authentication (2FA): In simple terms, 2FA gives you an extra layer of security to your social media accounts by adding two layers of logins. It might seem like a hassle to add an extra step in accessing your online data, but without it you could be leaving yourself vulnerable to your account being compromised.

This easy process works as follows:

  1. Enter your username and password.

  2. The account, platform, or site prompts you to input another form of verification, such as texting a code to your mobile phone or using an authenticator app.

  3. You then enter the verification code to gain access to your account.

To help you set up two-factor authentication we have also collated these useful links for the following social media platforms:







The National Cyber Security Centre (NCSC) also provides the following guidance for setting up two-factor authentication for email accounts:

The Cyber Resilience Centre for Wales is here to support sole traders, micro-businesses and SMEs across the region. We offer free membership which will inform you of the current threats and simple steps to take to reduce your vulnerability to an attack. By becoming a member, you will have the opportunity to speak to one of the team about your own cyber security and concerns.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page