Tech and Main podcast: Let’s talk about passwordless

I am back on Shaun St. Hill’s Tech and Main podcast, this time talking about the benefits and frustrations of using passwordless technologies. There are some signs of hope, particularly with new tools that don’t require you to type in one-time codes but can recognize your smartphone’s intrinsic hardware to help authenticate you. Of course, this means you need a smartphone for every employee.

The Verge: How to recover when your Facebook account is hacked

Hopefully the day will never come when you find your Facebook account has been hacked or taken over. It is an awful feeling, and I feel for you for the world of hurt that you will experience in time and perhaps money to return your account to your rightful control. Let me take you through the recovery process and provide some proactive security pointers that you should follow to prevent this awful moment from happening, or at least reduce the chances that it will.

There are actually three different scenarios.

Scenario 1. You let a family member or friend “borrow” your Facebook account on your computer or phone. They proceed to consume content, post messages as you, or befriend random people. This happened to a friend of mine, who had a grandchild staying at her home for a week. The girl left town and left a mess behind on my friend’s Facebook account. “She didn’t post anything to my account, but I had odd friend requests that I had to clean up. I decided to just quit using my account.” This is more of a nuisance than a hack, but still annoying.

Remedy: First, check to see where else your account is already logged in at this screen, as shown below:

This list should remind you of all of the devices that you have used Facebook on in the past. I took this screenshot after I found (and then removed) one of my older Windows laptops that I hadn’t used in years on the list. You’ll also see an entry for my iPhone that is located somewhere in Indiana. I haven’t visited that state in years, so sometimes the geo-location algorithms are a bit wonky. Even if your account isn’t hacked, it is helpful to routinely check this screen to make sure you haven’t enabled a login by mistake.

If you don’t recognize (or don’t use) any of these devices, click on the three vertical dots on the right and force those machines to log out of your account. Next, change your password to something unique. Also, remember in the future to sign out of Facebook (and Messenger) before you loan your device to anyone.

Scenario 2. Someone uses your photo and name and sets up a new account. Then they proceed to try to recruit your FB friends to their account.

Remedy: There isn’t much you can do about it, other than tell people you are still you and to ignore the imposter. This should be a warning when you receive a friend request from someone that you think you have already befriended, or someone that you haven’t communicated with in years. A word to the wise: send them an email or text asking if the request is genuine.

Finally, there is the doomsday scenario. Someone guesses your account password and proceeds to lock you out of your account. This situation is the most dire and fixing this will depend on what else you have linked to your Facebook account and how determined you are to get it back.

This happened to Elizabeth, a book author. She ended up working with two different friends who were IT professionals and a lawyer over the course of four months. She had two complicating factors that made recovering her account difficult. First, she used Facebook ads to promote her books so she had connected her login to her credit cards. This resulted in the hacker charging her card with their own ads to try to lure other victims to compromise themselves. The second complication was that she was using her author’s pen name and a random birthday for her account. During the recovery process, Facebook asks you to scan your ID to verify who you are. When she told me this, I was concerned. For years I prided myself on using January 1 as my Facebook “birthday.” Now she was telling me that I was setting myself up for trouble if someone hacked my account.

She eventually got her password reset, but almost immediately the hacker would then reset it and take over her account again. “I tried to get someone at Facebook to help me, but I couldn’t get anyone on the phone,” she told me. Before the pandemic, the company had a special phone hotline for industry insiders, “but this was discontinued,” she said. She had more success blocking the credit card charges by phoning her bank. “I was trying to be a step ahead of the hacker, and losing sleep. My whole life was put on hold as I tried to deal with the situation. I got no work done for months. I ended up changing my passwords on more than 30 different accounts.”

So if you find yourself in this last situation, you have three basic choices:

  1. Now would be a good time to leave Facebook. The trouble is, you have someone who is pretending to be you, and could leverage your identity into criminal and uncomfortable situations. Not to mention that they could try to leverage bank accounts that are linked to your account or open up credit cards in your name. (More on that in a moment.)
  2. Try to reinstate your account on your own, using Facebook’s own obscure and oftentimes contradictory steps. That is the way most people that I know have tried. However, you will find out very quickly that there is no easy way to do this. You have to communicate with Facebook support through someone else’s account, which seems somewhat contradictory, so hopefully your spouse or friend is willing to lend a hand. (Don’t be tempted to set up a second account, because that could result in both of your accounts eventually being cancelled.) Then you choose one of several options (finding an unauthorized post, an account that uses your own name and/or photos) and enter the rabbit hole to recover your account. If you use Facebook as a means to log into other internet services, you will have to disconnect these links — otherwise a hacker can then compromise these other accounts. If like Elizabeth you have connected your credit card or other financial accounts, you will have to contact these institutions and get these charges rescinded. Start by trying to use Facebook from other devices that you have previously used: perhaps the hacker hasn’t automatically logged you out (as I mentioned earlier under the first scenario).
  3. Use a third-party recovery service, such as com. This will cost you $249 – they will be persistent and if they can’t help you, will refund your fee. You also get a year’s digital protection plan included that normally sells separately for $99. If you have a complex situation like Elizabeth (connected finances, non-matching birthday), I recommend using this path. But make sure you aren’t just employing some random hacker who might just be taking your money and doing nothing else. I spoke to founder Jonas Borchgrevink who confirmed that he is legit (despite Facebook banning any mention of his company) and has helped thousands of people reclaim their accounts. He outlined the sequence of steps that his staffers try in a Washington Post article. If you are using a different name from what is shown on your ID, he says it is almost impossible to recover your account.

Proactive security measures

So if you haven’t been hacked (yet) and are getting somewhat uncomfortable reading this, here are some steps to take to secure your Facebook account to reduce your pain points. Start today with doing at least one of them, and make sure you take care of all of the items as soon as possible.

First, before you do anything else, you need to set up additional login security on your Facebook account. Facebook offers you a set of confusing choices, but the one that I recommend is to use an authenticator app such as Google Authenticator. (That link will take you to the page below where you set this up.)

This is an Android or iOS smartphone app that will be used as part of the login process, which is why it is called a second factor. After you supply your username and password, Facebook asks you to type in a series of six numbers that are generated by the app. These numbers change every minute, so you need your phone nearby when you log in. If you want extra credit, take the time to enable this second factor method on your other accounts, including any banks and credit card companies that support this method (warning: sadly, few do).

Elizabeth was using a less secure method for her second factor: sending the six numbers as a text message to her phone. You can read more about why this isn’t my preference here.

Next, you should check to see if you have any payment methods configured on Facebook, even if you have never purchased any ads. I was surprised that I found my PayPal address linked to my Facebook account in preparing for this article, and I thought that I was being careful about my Facebook security. Go to this link to remove any payment method. If you are running any ad campaigns on your business, you will have to stop them first. (Sample screen shown below)

Next, you should remove connected apps and websites. If you have signed on using your Facebook credentials to third-party apps, now is the time to review and remove them here. The same is true with removing any business integrations. You take a small hit in not being able to automatically log in to these other services, but you also protect yourself if your account has been compromised.

If you have a Facebook business page, you should have at least two people who have admin rights to this page. (Go to Page Settings/Page Roles.) If your business account is hacked and you are the sole admin, it will be next to impossible to get it recovered. This contact should also have second factor authentication turned on.

Finally, check your account’s email contacts. You should have at least a second (or more) contact to which Facebook can send notifications, in case your main contact becomes compromised. Of course, use different passwords with these different email accounts.

I know, this seems like a lot of work, and there are a lot of places in the Facebook settings pages that you will have to visit and pay attention to the various choices. And chances are, these links provided above might not work in the future as Facebook likes to make changes to its settings. If these activities to make yourself more secure haven’t gotten you frustrated, you might want to continue to improve your security. Either the Jumbo smartphone app or Avast One (available on Windows, Mac, iOS and Android) can help walk you through the numerous steps to secure your Google, Twitter and other accounts.

Here are two other parting words of wisdom:

Think before you click. If you get a message from what looks like a social media company saying that your account has been compromised, don’t follow any links or call any phone numbers in the message. This could be a lure from a hacker. Instead, navigate to the site or use their own app directly.

You should also be aware of things that seem unusual. Keep an eye out for messages you didn’t send, posts you didn’t create or purchases you didn’t make. These all could be tells that someone has guessed your password or compromised your account. If you are lucky, it could be an errant teen using one of your computers.

As Elizabeth told me, “being hacked is like getting a digital tattoo, everyone can see the after-effects of your poor choices.”

And if you would rather listen to my descriptions, my podcasting partner Paul Gillin interviewed me on this subject in a recent 16-minute episode.

FIR podcast episode #151: How Akamai rebuilt its website and drove customer engagement

Few of us get to have as much influence over a public website as Annalisa Church, VP Digital Technology, Insights & Operations for Akamai. She has built a career on converging marketing and technology to drive better experiences for customers and build long-term value for enterprises. She is devoted to transforming marketing into a data-driven organization through actionable insights and ensuring the voice of the customer. Prior to Akamai, she worked for eight years in Dell’s marketing department.

Annalisa recently led a massive overhaul of the Akamai website, which is available in nine different languages, with more than 1,200 pages in English covering 18 different products.  The site has tremendous customer engagement, with one million monthly visitors, and almost two-thirds of them become customers after visiting the site.

The diagram below shows some of the changes that Church implemented during her redesign to make it more effective and more relevant to visitors. These efforts have paid off in terms of more engagement, more conversions from visitors to customers, and wider impact.


Listen to our podcast here:

FIR B2B podcast episode #150: Marketing truths from Ruth Stevens

This episode brought us together with Ruth Stevens, whose consulting firm, eMarketing Strategy, helps clients build customer acquisition and retention strategies along with other marketing programs. Ruth has had a distinguished career. She has taught marketing at the NYU Stern School, the Columbia Business School and the Indian Institute of Management in Bangalore. Before that she held senior marketing positions at Time Warner, IBM and other firms.

Back in the early 1990s Ruth headed up marketing for the Ziff Davis Computer Library, an early – and highly profitable – business that repackaged content from Ziff-Davis’ portfolio of publications and delivered it on a CD-ROM, if you can believe it. Ruth is an unabashed fan of B2B marketing with a wide scope of interests. As a blogger on Biznology.com, she has lamented the often toxic relationship between sales and marketing organizations and described tools for connecting with your website visitors that even our hosts were unaware of.

Ruth is past president of the Direct Marketing Club of New York and was named one of the 100 Most Influential People in Business Marketing by Crain’s BtoB magazine. She has written a number of books, the most recent being B2B Data-Driven Marketing: Sources, Uses, Results, which was co-authored with Theresa Kushner. In a recent presentation, she talked about ways to plan your content marketing library.

Among the topics we touch on in this interview is the value of account-based marketing, the importance of understanding the difference between lead quantity and quality, the mistakes that B2B marketers make that still drive her crazy and why B2B marketing is more complex, difficult and fun than B2C marketing. You can listen to our 20 min. podcast recording below.

FIR B2B podcast episode #149: Cutting out the middleman in B2B PR

For years Paul and I have used Help A Reporter Out. The service — now owned by Cision — aims to eliminate the gatekeeping middleman role of corporate PR, and put sources directly in touch with the journalists that want to quote them. HARO, as it is known, has been less useful as of late, but there is a new, venture-backed startup called Qwoted that is making some important inroads. We spoke to its CEO and co-founder, Dan Simon. He told us Qwoted had close to a thousand inquiries last month and is growing. The service has a free tier (individuals can make three monthly requests, agencies five) and a paid tier.

Qwoted flips the PR paradigm on its head by letting journalists initiate the conversation and cutting out the need for pitches.

Simon has lots of pointers to help PR and marketing staff get the most out of his service. He is deeply steeped in the field, having been president of Cognito, a New York financial services agency, among other roles. Simon recommends that you use the tools he provides to search on previous successful match-ups and examine the job titles more carefully, as well as to fill out the profiles to make your expertise more transparent and compelling.

You can listen to our 16 min. podcast here:

Speech: Using NetGalley to Promote Your Self-Published Book

One of the best ways to promote your book is by reaching new readers with pre-release copies, and thanks to a service called NetGalley, you can add this to your toolbox.

I have been using NetGalley as a reader for the past several years: the idea is that I can read new books that interest me for free, provided that I review them and post my reviews on Amazon and other book selling sites. In this presentation, I will show you the author’s point of view. Yes, it does cost to make your pre-release “galleys” available—but the fee is a very reasonable $450 per book, or $200 if you are a member of IBPA. In this presentation, I will show you how NetGalley works, what kinds of books are best for the service (including audiobooks) and the best time to take advantage of it as part of your book marketing efforts. 

This speech will be given to the St. Louis Publishers’ Assn September 8.

Here is a copy of my presentation slides

FIR B2B podcast #148: The Changing Landscape of B2B Discussion Groups

A new report on social media usage by the channel by Jay McBain of Forrester Research finds that the groups people use and the way they use them is changing amid a 13.2%, 490 million-user surge in social media use in 2020.

The report lists major tech channel groups that both managed service providers and channel managers should know about for each social network. McBain’s informal research found that Facebook Groups have replaced LinkedIn as the place to talk tech. He claims many LinkedIn groups have become ghost towns overrun by spam. Half of the respondents to his survey were disappointed with engagement levels on the platform.

The report prompted me to realize that I belonged to more than 50 groups and couldn’t remember the last time I posted — or even clicked on content on any of them. McBain has identified more than 40 Facebook Groups that IT folks should take a closer look at.

One of the more important lessons of this research is that social media groups aren’t an ad medium but a way to engage potential partners on a grassroots level. Too often we both have seen plenty of spam or vendor posts that don’t really encourage discussion. The speed at which channel firms have apparently abandoned LinkedIn groups shows how quickly attitudes can change if group members don’t believe their needs are being respected.

McBain also reviewed several other social networks, some of which we hadn’t heard of. Up-and-comers include the audio- and app-oriented Clubhouse and Discord, which was originally for gamers but which has broadened its scope. McBain rates Twitter the second most popular spot for tech content, even though it really doesn’t have the community engagement tools to match Facebook or LinkedIn. And he advises B2B companies to keep an eye on Reddit, which had 52 million daily active users worldwide at the end of 2020, up 44% year-over-year.

Although the report is aimed at technology channel companies, it’s a useful way for any B2B marketer to take a fresh look at the social groups you use to get your message across.

You can listen to our 14 min. podcast here:

FIR B2B podcast #147: Marketing Lessons From the Open Source World With Priyanka Sharma

This week we talk to Priyanka Sharma, who is the General Manager of the Cloud Native Computing Foundation. The group has assembled a massive collection of 600 vendor members, ranging from little-known startups to the biggest companies on the Internet. The foundation is the steward of more than 80 open source projects that support Kubernetes, Prometheus, Vitess, Envoy and other technologies that deal with distributed data structures, network policies and cloud orchestration. The foundation helps to put on an annual conference, which has a business value track this year, and has a library of webinars to help spread the word about the revolutionary technology called software containers. She told us during the podcast that “Life isn’t a zero sum game and we have to work together” to help market cloud tech.

Our interest in this portfolio is high — Paul has written most recently about the foundation here for SiliconAngle.  We spoke to her about her role at CNCF and the tactics the foundation has found to help mainstream IT adopt cloud and container technologies, getting her members to agree on a single standard, how to sell open source to the prototypical “pointy-haired boss” and what tech marketers can learn from the cloud evolution that they can apply to solve their own business problems. You can listen to the 20 min. interview here.

FIR B2B podcast episode #147: Language matters

Last week Volkswagen tried and failed at an April Fool’s prank that involved changing its name to “Voltswagen” in recognition of its belated line of electric vehicles. The name change was confirmed through its press channels before Volkswagen eventually revealed that it was “only” a joke. Only a lot of people in the media weren’t laughing, believing that they had been manipulated as part of a marketing stunt.

The issue once again emphasized how tone-deaf companies can be in light of their reputations (Remember the whole diesel stats fiasco?) This brings up the topic of how to be cautious about your choice of language. The issue is particularly relevant in this time of hyper-sensitivity to issues of race, gender and disability.

An older article on The Hill has several examples of neutral language, such as using “pro-life” rather than “anti-abortion” to describe sides of that sensitive issue. My podcasting partner Paul weighs in on a recent experience he had writing an article about autism in the workplace: many of those folks prefer to be called “autistic people” rather than “people with autism.” The latter approach, called “individual first,” is favored by people with disabilities but autistic people don’t consider themselves to be disabled. Language has been widely used to shape the gun debate as well.

We’re seeing corporations increasingly weigh in on social and political issues and the need to be sensitive to special interests has never been greater. The most recent example is voting rights bills that are being considered by various statehouses. Several large companies have weighed in on the issue, with language ranging from blunt in the case of Delta Airlines to Microsoft’s more nuanced approach. And media, who likes a good fight, has largely overlooked the numerous bills that expanded rather than restricted these rights, something that the Brennan Center has tracked extensively.

You might want to take some time to review these links to understand how much language matters these days and to think twice about how you express your corporate position. You can listen to our 15 minute discussion here: