What do phishing emails target?
Online criminals – like their offline counterparts – want money in the first place therefore they mainly strive for getting the data of bank cards or internet bank accounts, but are practically after anything from email addresses to passwords of social media accounts. Many people still do not take this threat seriously, as they think “who would want my Facebook profile data”, but criminals do not think this way. To an individual, a hacked social media or email account can cause a lot of inconvenience, but to a company or organisation this inconvenience might be translated into considerable amounts of money.
What to do if it has already happened?
If one day you realise that you can no longer access your Facebook account, and someone else you have not authorised is doing so, you should contact Facebook immediately, just as a lost bankcard should be reported to the bank that issued it.
At https://www.facebook.com/business/help you can find general information on how to solve such issues and you can go to a chat window where you can describe your specific problem. For this, you will need to speak English, as you can communicate with Facebook administrators only in this language. You might be asked for a screen shot to verify your request, therefore it is recommended to change the language settings of your Facebook account to English to help the Facebook administrator understand your problem.
If you can prove that you are a victim of a hacker attack, you can usually regain control of your account following a lengthy procedure, but there might still be some damage done due to the time lost or potential image-damaging content posted on the page during this time.
How can you protect yourself from a potential attack?
The most important thing is to be cautious. Phishing emails and links are very professional, they usually clone the page they are claiming to be sent from - one needs to be very vigilant to be able spot the difference. Therefore, it is very important to make everyone aware who in our team has access to the specific profile as Facebook, Instagram or any other serious organisation will never ask their clients for login details. It is recommended that the admins managing the page study the information at https://www.facebook.com/privacy and set up two-factor authentication (2FA) for logins.
This article was produced in collaboration with Drive Online Marketing.
If you want to read more on the different types of phishing, check out this article by TechSoup's IT expert, Filip Jurkiewicz.