Recently, the CEO of a successful marketing firm had their Facebook account hacked, leading to a loss of $250,000 in unauthorized ads for an online gambling site. Despite lacking cybercrime insurance, neither Facebook nor the bank took responsibility for the funds' replacement. Another firm faced a similar issue with a hacker pausing legitimate ads and initiating weight-loss spam ads, costing them potential damages of $40,000 to $50,000.
When many people hear these true stories (with the name of the companies withheld to protect their privacy), they adamantly believe someone besides them should step up and take responsibility, covering the losses. “It wasn’t OUR fault!” they say. However, the simple reality is this: if you allow your Facebook account – or any other online account – to be hacked due to weak or reused passwords, no multifactor authentication (MFA) turned on, improper e-mail security or malware infecting your devices due to inadequate cyber security, it is 100% YOUR FAULT when a hacker compromises your account.
Here’s what you need to do to protect yourself:
Avoid Weak Cyber Protections: Both incidents highlight the vulnerability of cloud applications to hacking, emphasizing the need for robust cybersecurity measures.
Responsibility on Users: The onus is on users to secure their accounts. Weak passwords, lack of multifactor authentication (MFA), and inadequate device security contribute to vulnerabilities.
Awareness: Share information about these scams with your staff to foster a cautious approach to cybersecurity.
Strong Passwords: Create unique and robust passwords for each application, utilizing reliable password management tools.
Access Control: Limit the number of individuals with access to accounts, promptly removing users when access is no longer necessary.
Device Security: Ensure the security of all devices connected to your network to prevent malware threats like keyloggers.
Prevention is paramount; proactively implement these measures to avoid potential financial losses and business disruptions.
If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, you’re due.