Online safety is on the minds of many a social media manager. Ev Williams, the co-founder of Twitter, was hacked this year. As was Mark Zuckerberg, whose Twitter and Pinterest accounts were compromised. And lest we forget John Podesta, Hillary Clinton's campaign manager, who fell prey to an email phishing scheme.

Undoubtedly, having employees on social presents its own set of risks. That's why it's important to teach social sellers, executives, and other employee advocates how to stay safe online. Below, we'll cover three topics that can help your team stay safe: creating strong passwords, avoiding bad links, and dealing with cyberbullies and trolls.


1. Create Strong Passwords

Choosing a strong password can slow or defeat hackers, making password selection an important piece of the online security puzzle. In case you need a password refresher course, here are some of the standard reminders:

A. Stay away from dictionary words

Attackers can easily run a program that cycles through a list of words in the dictionary. That's why passwords like "password" or "Soccer" are easy for hackers to crack.

B. Use a mixture of capital letters, lower-case letters, numbers, and symbols

Since passwords are case sensitive, using a mixture of capitals and lower-case letters can slow down hackers, as can the use of letters and numbers.

But note that password crackers are sophisticated. They can run their dictionaries with various capitalizations and common substitutions: "$" for "s," "@" for "a," "1″ for "l," and so on. So, don't think that "$0ccer" is much safer than "Soccer."

C. Don't use children's names, your city of birth, or local sports teams

Not all hacking is automated. One way to break into someone's account is by guessing. The hacker thinks about the person and then guesses likely words and phrases such as children's names, pet's names, favorite sports teams, etc.

D. Don't use short passwords. Aim for at least 12 characters.

The longer the password, the harder it is to crack.

E. Use different passwords for different accounts

Hackers try to "daisy chain" their attacks, meaning they use information from one account to log into another account. In other words, if someone figures out your Facebook password, they'll try to use that password to log into your Twitter account.

F. If you can, use a seemingly random combination of letters and numbers

You can generate random passwords by using Norton's password generator. Or you can create your own using different password creation techniques.

G. Enable two-factor authentication

When you turn this on, anyone trying to sign in to your social account from new devices will have to go through a secondary layer of security. In addition to entering the correct password, suspicious users will receive a code via text message, which they will have to enter before signing on.

It might sound like a hassle for you, but enabling this feature can save you time. Here are instructions for the major social networks:

2. Avoid Dubious Links

While social media is a great way to meet buyers and engage with them, social can also be a hacker's best friend. 40% of social network users have encountered malicious attacks, some of which are the result of clicking on suspect links. Here are a couple ways to protect yourself against malware and phishing schemes:

A. Check the profile of the person posting

Ask yourself whether the person sharing the link is trustworthy. On Facebook, this is a bit more challenging, given that you're seeing links primarily from people you trust (i.e. your friends and family).

On networks like Twitter, check the profile picture. Does the person look like an after-hours, 1-900 pin-up? Does the person have a Twitter egg as their profile picture, with very few followers? Is the person's Twitter bio a bunch of incoherent gobbledygook? If so, ignore the link.

Also, don't forget to check the person's Twitter history. Does the person's Twitter timeline look like a rapid-fire burst of tweets with links? If so, ignore any tweets that come from that account.

B. Check the credibility of the post

Some posts just sound dangerous. Perhaps the text sounds spammy – like a too-good-to-be-true offer. Or perhaps it sounds sensationalist or somewhat disgusting – like a post about unbelievable zits popping. If that's the case, avoid the links.

C. When in doubt, use an online link analyzer

Head over to a site like and copy and paste the URL into the text field.

Whatever you do, don't click on the suspicious link to get the web address. Instead, right-click (or control-click on a Mac) on the link. For more instructions on copying URLs without clicking on them, you can read this short tutorial.

D. Turn on your browser's malicious site protection

This feature might not catch everything, but it's a good start. If you use Google Chrome, you're in luck. The Chrome browser automatically warns you when a site might be dangerous or deceptive. If you're using Safari on an iPhone, check to make sure the "Fraudulent Website Warning" is turned on. (Settings  Safari  Fraudulent Website Warning)


3. Learn How to Deal with Abuse and Cyberbullying

When you think of trolls, fairy tales might come to mind. But social media trolls don't bring prince charmings or happy endings. Online trolls are cruel. They spread hate. They send vile images. Avoid online trolls if you can.

Hopefully, your employees won't have to deal with them. But it's always a good idea to train your employees just in case. Especially executives, who are more likely to be the target of trolling attacks, given that they are public faces of your company.

Often times, blocking a user is the best way to deal with abusive content. Here are a few privacy reminders:

A. Facebook

On Facebook, you can easily block and report users by clicking on the lock in the upper-right corner.


B. LinkedIn

On LinkedIn, navigate to the person's profile. Then, click on the upside down triangle.


C. Twitter

On Twitter, you have three options: report, mute, and block. Here's a helpful diagram from Twitter that explains the differences:


To report, mute, or block someone, you can head to their profile. Then, click on the sprocket, and pull down to the action that you want to use.


At the end of the day, it's important to remember that passwords longer than Les Misérables can be compromised, that dangerous links can look innocent, and that trolls have a way of popping up like whack-a-moles. It takes digital fluency and common sense to stay safe online. We hope that this quick tutorial sends you in the right direction.

If you'd like more tips and tricks, check out this article from the New York Times: Protecting Your Digital Life in 7 Easy Steps.

Want More Tips for Social Sellers?

Check out our cheat sheet!


Posted by Mark Bajus

Sign Up for a Free Demo