Use unique passwords for each social network

It’s a pain, but it is also absolutely essential that you don’t use the same password for Twitter as you do for, say, Facebook, Instagram, and other social tools. Using a single password makes it easy for hackers, as gaining access to one means gaining access to all – and imagine how painful it will be when you find you’re locked out of your entire online life. When you use one password for multiple services, you’re only as safe as the least secure service you use.

Watch your mailbox

How can these social account hacks happen? By direct messages to you. Yes, using the same approach phishers have used for years it tends to be a rogue link in a message or email, perhaps sent to look like it’s from a colleague or friend, that exposes that all-important password. Phishers will find out who you would expect to receive an email from and use that as a way in. This social engineering approach has worked on staff at major newspapers and government organizations, so don’t fool yourself into thinking hacking social network accounts must require more sophisticated techniques.

Don’t be too personal

Social engineering is where attackers use whatever information they can glean from your public profiles – date of birth, education, interests – to try to get into your accounts on all sorts of services. Just imagine how easily someone can find out the name of your first pet or school from your Facebook profile, then think about how many services use them as security questions. Keep as much of your profile private as you can, and think twice before posting absolutely every aspect of your life.

Lock your phone

It’s not only faceless scammers on the internet. Your phone can end up in the hands of a stranger, giving access to your social accounts (and more). It’s not just rogue updates: once they’re in they can obtain your email address, target your friends using your profile as bait, and even change your password. To make it as difficult as possible for an intruder, you should always enable the passcode lock on your phone, and set it to time out at no more than a few minutes.

Use the block button

When a spammer follows you and sends you links, don’t just ignore it. For the sake of others who are less well informed than you, always report the account as spam. The social networking service will monitor it and, if enough people take the same action, remove the account. It won’t stop spammers coming back with new accounts but it at least hinders their efforts.

Norton Safe Web for Facebook

Using this free app, scan your newsfeed for like-jacking scams or malicious links: Norton Safe Web scans your news feed for unsafe links and warns you of potential threats so you don’t share them with your friends.