Nexgate | Blog on Social Media Security & Compliance | Nexgate

3 Steps to Stop Social Media Account Hacks

Social Hacks on the Rise

You read the headline often: Brand X has been hacked.

Just this year, the media has been abuzz with the news that big names like Microsoft/Skype, Justin Bieber, Forbes, and Snapchat have all suffered embarrassing posts or data leaks at the hands of hackers.

And it’s no surprise, really. Hackers go where the money is, and last year U.S. brands spent an estimated $4.1 billion on social advertising and garnered countless more in social sales. The difference between investing in social versus other marketing areas (e.g., email, web, etc.) is that most of the social spending hasn’t been protected with the right security. History shows that no name or brand is too big or too small to be targeted and, despite the front-page press, very little has actually been done to address the problem.

Nexgate’s Guide on How to Stop Social Media Account Hacks

To help brands fight back against hackers, this week Nexgate released the first comprehensive guide to stopping social media account hacks. This new “how-to” guide walks through the common techniques hackers use to get into social media accounts, such as phishing, browser and cookie attacks, and taking advantage of poorly maintained passwords. It lays out specific steps that your social media and IT professionals can take to reduce risk and prepare for recovery.

What You Can Do to Stop Hacks and Hijacks

Stopping social media hacks requires a combination of policy, process, and technology. Here are three key recommendations to help protect your accounts:

1) Discover your social infrastructure
Knowing which accounts you have is the first step in securing them. After all, you can’t protect something if you don’t know it exists. Employees and partners will often create accounts related to your brand, so use technology to continuously scan for branded accounts, including fake accounts that could be used in phishing attacks or targeted scams.

2) Streamline and persistently monitor your social account footprint
The more people and apps that have access to your accounts, the more targets there are for hackers. Limit the number of users, admins, and apps on your social accounts to minimize risk. Additionally, beef up your basic security measures by making sure all your passwords are complex and refreshed regularly, and implement an automated social media security solution to monitor users, apps, and accounts for changes and to enforce workflow procedures.

3) Respond immediately to incidents
Don’t wait to take reparative action, such as removing unwanted content a hacker posted on your page. Here, manual effort will only get you so far. The best way to do this is through automated technology, like Nexgate’s ProfileLock, which acts instantaneously after a hack has taken place to address the problem and put your social accounts back on track.

For more steps you can take to stop and remediate account hacks and hijacks, download Nexgate’s “How-To” Guide on How to Stop Social Media Account Hacks. Want to learn more about how hacks have affected big names? Check out our interactive Major Social Media Incidents Affecting Big Brands chart and get the lowdown on who’s been hacked.


Simplifying Content Review for Social Marketers

Balancing Social Media and Security

More and more brands are incorporating social media into their marketing. But as social continues to shift from a marketing accessory to a necessity, many are also finding it difficult to reconcile the real-time nature of social with the need for security.

One of the cornerstones of good security is process, and a key process in social media is having a good review cycle for content before it gets posted. Yet the fast-paced nature of social media, combined with increasingly complex security and compliance requirements, makes it harder and harder for marketers and legal / risk personnel to coordinate their efforts efficiently.

Automating Social Media Content Review

Until now, many brand and social media managers have felt they had to choose between being too slow and less engaging or being too open and susceptible to these kinds of risks. Content would often be created, then shipped off to legal / risk for review, and only after rounds and rounds of edits would it be distributed. If it went out before it was reviewed, the content could put the organization at risk. If marketers waited until it was reviewed, they could miss the chance to gain traction from a trending topic.

To help expedite and automate content review for social media and give marketers and legal / risk the best of both worlds, Nexgate has created SocialSyndicate – a powerful new tool for content collection, compliance review, and content syndication that makes distributing social content safe and simple.

SocialSyndicate – Safe and Efficient Social Media Content Review

SocialSyndicate provides a centralized web portal for your employees and team members to collect and review content gathered from across your enterprise. It allows for easy organization of your content review and distribution process so that the social media team members from any area of your organization can collaboratively create content and pre-check it for security, compliance, and acceptable-use policy violations.

SocialSyndicate dramatically cuts the time and cost of content review as we’ve known it by automating what until now has been a manual, painstaking, and just plain overwhelming process.

Using Nexgate’s patent-pending Deep Social Linguistic Analysis (DSLA) technology, with over 100 built-in classifiers, SocialSyndicate reviews content for risk, security, and compliance violations, including those under FDA, FCA, SEC, FINRA, and FFIEC rules. It then alerts marketers when content violates policy, requires review, or has been approved for publishing.

SocialSyndicate integrates with virtually any publishing tool with full workflow options, including the ability to export to content libraries. With content pre-scanned for risk, marketers can breathe easy knowing that their content is both compliant and safe for distribution.

For more about how SocialSyndicate can help your company make safe and compliant use of the social web, contact us here.


Nexgate Releases Guide on How to Stop Social Media Hacks

Web Vulnerabilities Such as Heartbleed And an Increase In Social Media Hacks Put Brands at Risk – Yet Few Are Prepared to Prevent or Mitigate an Attack

SAN FRANCISCO, April 14, 2014 – Nexgate, an innovator in social media brand protection and compliance, today announced the release of a first-of-its-kind Guide on How to Stop Social Media Account Hacks to help enterprise brands and their social media teams prevent and respond to social media account hacks. Read the Guide at

Despite the efforts by social networks like Twitter, Facebook, YouTube and others to enact greater security within their platforms, account hacks are increasing in frequency and severity (see interactive chart). Groups like the Syrian Electronic Army (SEA) are targeting brands via social media, and recently unearthed vulnerabilities such as Heartbleed put social media accounts at risk.

Already this year, Microsoft/Skype, Forbes, Snapchat and even Justin Bieber have been the victims of hacked Facebook and Twitter accounts, as hackers have hijacked their millions of followers and fans to deface the brand and garner attention for their cause.

“The average enterprise has more than 300 social media accounts and 6 connected applications, creating a complicated network of branded infrastructure rich with vulnerabilities and yet, little-to-no security technology or procedures” said Devin Redmond, Co-founder & CEO at Nexgate. “As this social universe continues to rapidly expand, brands need to know how to protect their investment in social media.”

Nexgate’s Guide on How to Stop Social Media Account Hacks and interactive site detail common techniques used by hackers to infiltrate social media accounts, such as phishing attacks, browser and cookie attacks, and taking advantage of poorly maintained passwords. To help provide value to social media practitioners and IT professionals, it also provides steps that organizations can take to combat these hacking strategies and reduce risk, as well as guidance on what can be done in the event that a hack occurs.


Mitigating the risk of social media hacks requires a complement of security controls, much like corporate networks have firewalls, intrusion detection, spam filters, etc., but designed specifically for the social networks.

To help organizations prevent and address social media hacks, Nexgate’s new guide prescribes several steps brands can take, including:

• Finding all of your brand’s social media accounts, including fraudulent pages;
• Limiting access to accounts from users and third-party applications;
• Enforcing strong authentication controls for social media accounts and applications;
• Monitoring branded social media accounts for changes, unauthorized apps, admins, and content; and
• Enforcing policy, including automated account lock-down procedures.

“As hacking methods become increasingly more sophisticated, organizations have struggled to protect their social media investment and stop hackers from overtaking their accounts. At the same time, these brands are increasingly being held responsible by customers, fans and in some cases regulators for issues arising from these security flaws,” said Redmond. “Nexgate’s new guide addresses this pain point by demystifying social media hacks and providing organizations with a useful, step-by-step process to protect enterprise social media and ultimately the value of their brands.”


About Nexgate

Nexgate provides cloud-based protection and compliance for enterprise social media accounts. Its patent-pending technology seamlessly integrates with the leading social media platforms and applications to find and audit brand affiliated accounts, control connected applications, detect and remediate compliance risks, archive communications, and detect fraud and account hacking.

Nexgate is based in San Francisco, California, and is used by some of the world’s largest financial services, pharmaceutical, Internet security, manufacturing, media, and retail organizations to discover, audit, and protect their social infrastructure.

Media Contact
Dave Meizlik
Dave (at)
+1 (650) 762-9890


How Heartbleed Affects Your Social Media

News about the Heartbleed bug has the Internet abuzz this week. The newly-discovered security flaw is garnering widespread attention because it potentially compromises thousands of sites and millions – if not billions – of online users. In response, the countless websites and social media networks that may have been affected are now recommending that you change your password.  But will that solve the problem?  Not really.

To stay safe, there are three key things you should understand and actions you should take with all of your accounts (including social media), in this order of priority:

1) If you aren’t using two factor authentication, set it up ASAP.
2) If you want to know whether or not a particular site has “patched,” you should look for two things:
    a) that the site has publicly announced that it has either upgraded the OpenSSL library (1.0.1g is the first fixed release) or that it was running a version that was never vulnerable to the Heartbleed bug, and
    b) that it has reissued its certificate.
3) Change your password.

If you’re confused about what to do in response to all the talk about this crazy Heartbleed bug, then join the club.

Change all my passwords?

Web site operators around the world are urging us to change our passwords on their sites. Be very careful with this, however. The odds that any individual’s passwords have been stolen are extremely remote. In fact, you’re probably more likely to win the lottery.

That’s because, to get your credentials, an attacker would either have to be monitoring your traffic to an affected site in real time (in other words, watching at the moment you log in), or be repeatedly pulling memory from a vulnerable server while your credentials happened to be sitting in that server’s process memory, which means close to the moment you authenticated. As interesting and important as each of us is, the chance that this happens to us individually, among billions of daily Internet users, is very slim.

But the bad guys are going to take advantage of this frenzied password reset rush. There’s very likely to be an uptick in phishing attempts via password reset emails, since that’s a proven method of attack that a hacker can exploit en masse (e.g., one fake password reset email to thousands of Facebook users). As a result, we need to keep our guard up and remember security fundamentals: do not click on links in unsolicited emails, and look carefully at the URL and maybe even the certificate (if you’re savvy) to make sure it’s really the site you think it is.

Should you change your password? Yes. Sure. If you ask a doctor whether or not it’s a good idea to get your cholesterol checked, she’s going to say yes. So, as a security expert, I say yes, change your password. Will it really protect you from Heartbleed? Eh.

What you really need to do is enable two-factor authentication. 2FA makes your password less interesting and less useful, because breaking into your account now also requires access to your phone, which is much harder for the bad guys to get.

Take this opportunity to set up two-factor authentication everywhere. Facebook, Twitter, LinkedIn, and other sites and applications support 2FA. If a site doesn’t support it, email their support team to ask for it.

Is that site affected?

Media outlets are keeping lists of affected web sites and whether or not they have patched if they were using a vulnerable version of OpenSSL. However, even if the site was patched, there is one more thing that a savvy internet user should be looking for: did the site reissue its certificate?

The Heartbleed bug is, at bottom, a memory disclosure: a malformed TLS heartbeat request makes a vulnerable OpenSSL server return up to 64 KB of its process memory, with no authentication and no trace in the server’s logs. Decrypting communications between a user and the server is only a consequence of what that memory can contain, and it can contain more than a copy of the credentials you just used to access the site.

The thing that has everyone in the security industry concerned is that the most valuable piece of information a secure website has, its certificate’s private key, could have been in that memory as well. The vulnerable code has shipped in OpenSSL since version 1.0.1 in March 2012, roughly two years, so the key could have been divulged at any point during that time. Because the attack leaves nothing in the logs, it is effectively impossible to tell whether or not that has happened.

So responsible site owners aren’t only going to patch OpenSSL, they’re also going to go issue new certificates under the assumption that the certificate’s private key has been stolen.

One of the real wrinkles here is that it may take days or even weeks for websites to issue new certificates. Until a new certificate is issued, the pragmatic assumption is that the old private key is compromised, and changing your password on that site buys little: even after the server is patched, an attacker holding the old key could impersonate the site to you, or decrypt captured traffic where no forward-secrecy cipher suite was negotiated, and read the new password as you send it.

Again, the best defense here is 2FA, plus waiting for the site to issue new certificates. Web browsers let you inspect a site’s certificate: the “Not Valid Before” date should be April 8th, 2014, or later. Once you see that date, the site has most likely patched and replaced its certificate, and changing your password becomes meaningful. Two caveats: a fresh certificate is evidence, not proof, that the OpenSSL library itself was updated first (a site that reissues before patching can leak the new key too), and the old certificate should also be revoked, since a stolen key remains usable until browsers reject it.
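As an added example (not part of the original post), the following Python script performs that “Not Valid Before” check using only the standard library. The two certificates at the bottom are constructed dictionaries in the shape `ssl.SSLSocket.getpeercert()` returns, not real certificates; `check_host` is the same logic applied to a live site and needs network access. The 8 April 2014 threshold is the one the post recommends.

```python
import ssl
import socket
from datetime import datetime, timezone

# Threshold used by the post: a certificate whose validity starts on or after
# 8 April 2014 was plausibly reissued in response to Heartbleed (CVE-2014-0160,
# disclosed 7 April 2014).
REISSUE_THRESHOLD = datetime(2014, 4, 8, tzinfo=timezone.utc)


def parse_cert_time(cert_time: str) -> datetime:
    """Parse a 'notBefore'/'notAfter' string as returned by getpeercert(),
    e.g. 'Apr  8 00:00:00 2014 GMT', into a timezone-aware UTC datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert_time), tz=timezone.utc)


def reissued_after_heartbleed(cert: dict, threshold: datetime = REISSUE_THRESHOLD) -> bool:
    """True if the certificate's validity period begins on or after the threshold.
    This is evidence of reissue, not proof that the server was patched first."""
    return parse_cert_time(cert["notBefore"]) >= threshold


def check_host(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Fetch a live site's certificate and report on it (network access required).
    create_default_context() verifies the chain and hostname, so getpeercert()
    returns a populated dict only for a certificate the client actually trusts."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
    return {
        "host": host,
        "not_before": cert["notBefore"],
        "serial": cert.get("serialNumber"),
        "reissued_after_heartbleed": reissued_after_heartbleed(cert),
    }


# Constructed sample certificates (hypothetical example.com, not real data),
# in the dict shape getpeercert() produces.
OLD_CERT = {
    "subject": ((("commonName", "example.com"),),),
    "notBefore": "Mar 15 12:00:00 2013 GMT",
    "notAfter": "Mar 15 12:00:00 2015 GMT",
    "serialNumber": "0A1B",
}
NEW_CERT = {
    "subject": ((("commonName", "example.com"),),),
    "notBefore": "Apr  9 08:30:00 2014 GMT",
    "notAfter": "Apr  9 08:30:00 2016 GMT",
    "serialNumber": "0C2D",
}

if __name__ == "__main__":
    for label, cert in (("old", OLD_CERT), ("new", NEW_CERT)):
        print(label, cert["notBefore"], "reissued:", reissued_after_heartbleed(cert))
    # check_host("example.com")  # live check; uncomment when online
```

If you recorded a site’s serial number before the disclosure, comparing it with the current one is a second signal that the certificate (and therefore the key) was actually replaced rather than merely re-dated.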

Does this matter on Social?

Well, yes. Facebook, Twitter, LinkedIn, etc. are our digital personas. Friends and colleagues trust that those accounts are us. The hundreds of comments and photos we’ve posted comprise a valuable representation that we lean on daily to influence the people we interact with. And, these personas can be used to unlock more valuable things. Say, for example, you manage your company’s Facebook page, which has a few million fans and followers. What would be the impact if an attacker gained access to your accounts?

Twitter, Facebook, Google, and LinkedIn all support 2FA. If you’ve been putting off enabling it, now’s the time.

Oh, and you should change your password too.

Rich Sutton, CTO @Nexgate


Deep Social Linguistic Analysis (DSLA)

The Wild West of Social

For many brands, the “wild west” of social media can seem unfamiliar, dangerous, and just plain overwhelming. Social is now considered essential for any marketing plan, but businesses must also take into account risks of fraud, hacks and hijacks, and brand damage that come with the benefits of using this new communication tool. Add on top of those threats the potential for violating compliance rules and regulations, and social media turns from an uncharted landscape into a legal minefield.

The Challenges of Social Compliance

The FCA, FDA, SEC, FFIEC, and FINRA are just a few of the regulatory bodies that have recently published guidelines for social media use. It has been difficult for regulated companies not only to keep track of the sheer number of rules out there, but also to stay up to date with the latest versions of these regulations, which have been revised repeatedly over the past several months.

The focus on compliance has also brought another challenge to light:  finding violations within the unique linguistic context of social media. As opposed to more formal communication channels, the content across different social platforms differs greatly in terms of language style and tonality, making it all the more difficult to detect subtleties that might lead to compliance violations. Finding a needle in a haystack becomes all the more frustrating if you’re unable to recognize the needle when you do find it.

Deep Social Linguistic Analysis

To help companies with this very issue, this week Nexgate released Deep Social Linguistic Analysis (DSLA), which combines deep content analysis and machine learning with rich contextual information and natural language processing to give regulated organizations, whether publicly traded, financial, or pharmaceutical, first-of-their-kind, pre-built detection policies for leading regulatory requirements.

Figure: left, a true FFIEC Reg. Z violation; right, a false positive.
As opposed to the average keyword, dictionary, and regular expression-based filters, DSLA understands the unique voice of social media and how it relates to the ambiguities of regulatory requirements. As demonstrated by the posts above, basic methods of combing through potential violations are not always accurate. For example, a simple search for “APR” as a means of finding FFIEC violations can lead to false positives, such as a major bank’s retweet of a Women’s Philanthropy event in April – obviously not an FFIEC violation. DSLA distinguishes between those posts that may be identified as a violation using a keyword search and a true Regulation Z violation, such as the post on the left by a credit union about auto loans.

Figure: left, a true FINRA Customer Response violation; right, a false positive.
Similarly, a search for “lost…check” as a means to find FINRA Customer Response Risks might garner thousands of results, but lead to another, equally problematic situation, as posts such as those above on the right – a false positive – surface just as those on the left – a true positive. Unlike traditional search methods, DSLA is able to differentiate between two such posts, catching true violations without the noise and misleading results.
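To make the two false-positive cases above concrete, here is an added example (written for this page; it is not DSLA and not Nexgate code) that runs a naive keyword rule and a context-aware rule side by side over four constructed posts modelled on the ones described: a credit-union auto-loan offer, a bank’s retweet of an April event, a customer complaining about a lost check, and sports banter. The post text, rule names and context patterns are all illustrative assumptions.

```python
import re

# Constructed sample posts modelled on the cases discussed above; not real tweets.
POSTS = {
    "credit_union_auto_loan": "New auto loans as low as 2.49% APR for 60 months. Apply today!",
    "bank_retweet_event":     "RT @Foundation: Join us for the Women's Philanthropy luncheon in APR!",
    "customer_lost_check":    "@BigBroker I mailed you a check two weeks ago and you say it's lost?! Still no reply.",
    "sports_banter":          "Lost the game, but I'll check the replay tonight. Rough one.",
}

# Naive keyword rules of the kind the post criticises: any token match is a hit.
KEYWORD_RULES = {
    "ffiec_reg_z":             re.compile(r"\bAPR\b", re.IGNORECASE),
    "finra_customer_response": re.compile(r"(?=.*\blost\b)(?=.*\bcheck\b)",
                                          re.IGNORECASE | re.DOTALL),
}

# Context-aware rules (illustrative only): the keyword must co-occur with
# evidence of the regulated activity, not merely appear as a token.
RATE = r"\d{1,2}(?:\.\d{1,2})?\s*%"
CONTEXT_RULES = {
    # Reg Z advertising: a credit product offered together with a numeric rate.
    "ffiec_reg_z": re.compile(
        rf"(?=.*\b(?:loans?|mortgages?|credit|financ\w*|leases?)\b)(?=.*{RATE})",
        re.IGNORECASE | re.DOTALL),
    # Customer complaint about a payment instrument, addressed to a firm's handle.
    "finra_customer_response": re.compile(
        r"(?=.*@\w+)"
        r"(?=.*\b(?:check|cheque|wire|deposit|funds)\b)"
        r"(?=.*\b(?:lost|missing|never (?:received|arrived)|no reply)\b)",
        re.IGNORECASE | re.DOTALL),
}


def scan(text, rules):
    """Return the sorted names of the rules that fire on one post."""
    return sorted(name for name, rx in rules.items() if rx.search(text))


def compare(posts=POSTS):
    """Side-by-side results per post: {post_id: (keyword_hits, context_hits)}."""
    return {pid: (scan(text, KEYWORD_RULES), scan(text, CONTEXT_RULES))
            for pid, text in posts.items()}


if __name__ == "__main__":
    for pid, (kw, ctx) in compare().items():
        print(f"{pid:24} keyword={kw}  context={ctx}")
```

The keyword rules flag all four posts; the context rules flag only the auto-loan offer and the customer complaint. Hand-written co-occurrence rules are still a long way from the linguistic analysis the post describes, so before trusting any classifier, keyword or otherwise, measure its precision and recall on a set of posts your compliance team has labelled by hand.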

DSLA automatically identifies whether a brand is regulated, then detects regulated content and checks that it is published through the correct communication channel according to the brand’s policy. It provides fast, accurate categorization and classification of compliance violations, and, if a post, tweet, or other social content violates policy, it will automatically remove the content from the page or wall. Additionally, any policy violations are automatically captured, categorized, and distributed for reporting, and stored for legal hold and e-Discovery with leading archiving solutions.

To learn more about DSLA and how Nexgate can help your company comply in the rapidly changing world of social, contact us to schedule a demo.
