Nexgate | Blog on Social Media Security & Compliance | Nexgate
Blog

Nexgate Releases Guide on How to Stop Social Media Hacks

Web Vulnerabilities Such as Heartbleed And an Increase In Social Media Hacks Put Brands at Risk – Yet Few Are Prepared to Prevent or Mitigate an Attack

SAN FRANCISCO, April 14, 2014 – Nexgate, an innovator in social media brand protection and compliance, today announced the release of a first-of-its-kind Guide on How to Stop Social Media Account Hacks to help enterprise brands and their social media teams prevent and respond to social media account hacks. Read the Guide at nx.gt/StopSocialHacks.

Despite the efforts by social networks like Twitter, Facebook, YouTube and others to enact greater security within their platforms, account hacks are increasing in frequency and severity (see interactive chart). Groups like the Syrian Electronic Army (SEA) are targeting brands via social media, and recently unearthed vulnerabilities such as Heartbleed put social media accounts at risk.

Already this year, Microsoft/Skype, Forbes, Snapchat and even Justin Bieber have been the victims of hacked Facebook and Twitter accounts, as hackers have hijacked their millions of followers and fans to deface the brand and garner attention for their cause.

“The average enterprise has more than 300 social media accounts and 6 connected applications, creating a complicated network of branded infrastructure rich with vulnerabilities and yet little-to-no security technology or procedures,” said Devin Redmond, Co-founder & CEO at Nexgate. “As this social universe continues to rapidly expand, brands need to know how to protect their investment in social media.”

Nexgate’s Guide on How to Stop Social Media Account Hacks and interactive site detail common techniques used by hackers to infiltrate social media accounts, such as phishing attacks, browser and cookie attacks, and taking advantage of poorly maintained passwords. To help provide value to social media practitioners and IT professionals, it also provides steps that organizations can take to combat these hacking strategies and reduce risk, as well as guidance on what can be done in the event that a hack occurs.

WHAT SOCIAL MEDIA PROFESSIONALS CAN DO

Mitigating the risk of social media hacks requires a complement of security controls, much like those for corporate networks (firewalls, intrusion detection, spam filters, etc.), but designed specifically for the social networks.

To help organizations prevent and address social media hacks, Nexgate’s new guide prescribes several steps brands can take, including:

• Finding all of your brand’s social media accounts, including fraudulent pages;
• Limiting access to accounts from users and third-party applications;
• Enforcing strong authentication controls for social media accounts and applications;
• Monitoring branded social media accounts for changes, unauthorized apps, admins, and content; and
• Enforcing policy, including automated account lock-down procedures.

“As hacking methods become increasingly more sophisticated, organizations have struggled to protect their social media investment and stop hackers from overtaking their accounts. At the same time, these brands are increasingly being held responsible by customers, fans and in some cases regulators for issues arising from these security flaws,” said Redmond. “Nexgate’s new guide addresses this pain point by demystifying social media hacks and providing organizations with a useful, step-by-step process to protect enterprise social media and ultimately the value of their brands.”


About Nexgate

Nexgate provides cloud-based protection and compliance for enterprise social media accounts. Its patent-pending technology seamlessly integrates with the leading social media platforms and applications to find and audit brand affiliated accounts, control connected applications, detect and remediate compliance risks, archive communications, and detect fraud and account hacking.

Nexgate is based in San Francisco, California, and is used by some of the world’s largest financial services, pharmaceutical, Internet security, manufacturing, media, and retail organizations to discover, audit, and protect their social infrastructure.

Media Contact
Dave Meizlik
Nexgate
Dave (at) Nexgate.com
+1 (650) 762-9890


How Heartbleed Affects Your Social Media

News about the Heartbleed bug has the Internet abuzz this week. The newly-discovered security flaw is garnering widespread attention because it potentially compromises thousands of sites and millions – if not billions – of online users. In response, the countless websites and social media networks that may have been affected are now recommending that you change your password. But will that solve the problem? Not really.

To stay safe, there are three key things you should understand and actions you should take with all of your accounts (including social media), in this order of priority:

1) If you aren’t using two factor authentication, set it up ASAP.
2) If you want to know whether or not a particular site has “patched,” you should look for two things:
    a) that the site has publicly announced that it has either upgraded the OpenSSL library or that it was using a version that’s not vulnerable to the Heartbleed bug, and
    b) that it has reissued its certificate.
3) Change your password.

If you’re confused about what to do in response to all the talk about this crazy Heartbleed bug, then join the club.

Change all my passwords?

Web site operators around the world are urging us to change our passwords on their sites. Be very careful with this, however. The odds that any individual’s passwords have been stolen are extremely remote. In fact, you’re probably more likely to win the lottery.

That’s because in order for a hacker to get your credentials s/he would either have to monitor your explicit website traffic in real time (in other words, watch you at the moment you enter an affected site), or attack a vulnerable server and potentially steal your credentials in the server’s stored memory at nearly the exact time that you authenticate. As interesting and important as each of us are, the chances that this might happen to us, individually, among billions of daily Internet users is very slim.

But the bad guys are going to take advantage of this frenzied password reset rush. There’s very likely to be an uptick in phishing attempts via password reset emails, since that’s a proven method of attack that a hacker can exploit en masse (e.g., one fake password reset email to thousands of Facebook users). As a result, we need to keep our guard up and remember security fundamentals: do not click on links in unsolicited emails, and look carefully at the URL and maybe even the certificate (if you’re savvy) to make sure it’s really the site you think it is.

Should you change your password? Yes. Sure. If you ask a doctor whether or not it’s a good idea to get your cholesterol checked, she’s going to say yes. So, as a security expert, I say yes, change your password. Will it really protect you from Heartbleed? Eh.

What you really need to do is enable two-factor authentication. 2FA makes your password less interesting and less useful, because breaking into your account now also requires access to your phone, which is much harder for the bad guys to get.

Take this opportunity to set up two-factor authentication everywhere. Facebook, Twitter, LinkedIn, and other sites and applications support 2FA. If a site doesn’t support it, email their support team to ask for it.

Is that site affected?

Media outlets are keeping lists of affected web sites and whether or not they have patched if they were using a vulnerable version of OpenSSL. However, even if the site was patched, there is one more thing that a savvy internet user should be looking for: did the site reissue its certificate?

The Heartbleed bug doesn’t just allow an attacker to decrypt communications between a user and a target web server. It also lets an attacker read random bytes of the web server’s memory. And, in that memory, there may be more than just a copy of the credentials you used to access the site.

The thing that has everyone in the security industry concerned is that the most valuable piece of information a secure website has, its certificate’s private key, could have been in the memory as well. Since this bug has existed for two years, the key could have been divulged at any point during this time. The nature of this particular bug makes it effectively impossible to tell whether or not that’s happened.

So responsible site owners aren’t only going to patch OpenSSL, they’re also going to go issue new certificates under the assumption that the certificate’s private key has been stolen.

One of the real wrinkles here is that it may take days or even weeks for websites to issue new certificates. Until new certs are issued, a pragmatic approach is to assume that the certs are compromised, and changing your password is thus meaningless. That’s because if the certs were compromised and even if the server was patched, a hacker could use the old cert to see your credentials either in stored memory or in traffic.

Again, the best defense here is 2FA and to wait for the websites to issue new certificates. Web browsers allow you to look at a web site’s certificate. The date of the “Not Valid Before” field should be April 8th, 2014, or later. Once you see that date, you know the site has patched and gotten new certificates, and changing your password is much more relevant.
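The certificate check the post describes can be automated. The script below is an added example, not code from the post or from Nexgate: it connects to a host over TLS, reads the certificate’s “Not Valid Before” date (the notBefore field Python’s ssl module exposes), and reports whether it is on or after April 8, 2014, the cutoff the post gives. The host names are whatever you pass on the command line; the function and variable names are this example’s own.

```python
"""Check a server's TLS certificate against the Heartbleed reissue cutoff.

Added example, not from the original post. It automates the manual check the
post describes: read the certificate's "Not Valid Before" date and treat
April 8, 2014 or later as evidence the site obtained a new certificate after
the disclosure. Host names passed on the command line are the reader's choice.
"""
from __future__ import annotations

import socket
import ssl
import sys
from datetime import datetime, timezone

# Date the post gives as the earliest "Not Valid Before" that indicates a
# post-disclosure reissue.
HEARTBLEED_CUTOFF = datetime(2014, 4, 8, tzinfo=timezone.utc)


def parse_not_before(not_before: str) -> datetime:
    """Parse the notBefore string from the dict returned by SSLSocket.getpeercert(),
    which looks like 'Apr  8 00:00:00 2014 GMT' (note the double space)."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(not_before), tz=timezone.utc)


def reissued_after_heartbleed(not_before: str, cutoff: datetime = HEARTBLEED_CUTOFF) -> bool:
    """True when the certificate's validity starts on or after the cutoff date."""
    return parse_not_before(not_before) >= cutoff


def fetch_not_before(hostname: str, port: int = 443, timeout: float = 5.0) -> str:
    """Connect with a verifying TLS context and return the leaf cert's notBefore.

    getpeercert() only returns the parsed dict when the certificate verified
    against the system trust store, so a site presenting an untrusted
    certificate raises ssl.SSLCertVerificationError instead of passing the check.
    """
    context = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()["notBefore"]


def check_site(hostname: str) -> tuple[str, bool]:
    """Fetch and evaluate one host; returns (notBefore string, reissued?)."""
    not_before = fetch_not_before(hostname)
    return not_before, reissued_after_heartbleed(not_before)


if __name__ == "__main__":
    for host in sys.argv[1:]:
        nb, ok = check_site(host)
        verdict = "reissued after disclosure" if ok else "certificate predates April 8, 2014"
        print(f"{host}: notBefore={nb} -> {verdict}")
```

Two caveats a practitioner should keep in mind: a later notBefore shows that a new certificate was issued, but not that the private key was actually changed (a certificate can be reissued for the same key pair), and it says nothing about whether the old certificate was revoked. It is the proxy the post recommends, not proof of a key rotation.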

Does this matter on Social?

Well, yes. Facebook, Twitter, LinkedIn, etc. are our digital personas. Friends and colleagues trust that those accounts are us. The hundreds of comments and photos we’ve posted comprise a valuable representation that we lean on daily to influence the people we interact with. And, these personas can be used to unlock more valuable things. Say, for example, you manage your company’s Facebook page, which has a few million fans and followers. What would be the impact if an attacker gained access to your accounts?

Twitter, Facebook, Google, and LinkedIn all support 2FA. If you’ve been putting off enabling it, now’s the time.

Oh, and you should change your password too.

Rich Sutton, CTO @Nexgate


Deep Social Linguistic Analysis (DSLA)

The Wild West of Social

For many brands, the “wild west” of social media can seem unfamiliar, dangerous, and just plain overwhelming. Social is now considered essential for any marketing plan, but businesses must also take into account risks of fraud, hacks and hijacks, and brand damage that come with the benefits of using this new communication tool. Add on top of those threats the potential for violating compliance rules and regulations, and social media turns from an uncharted landscape into a legal minefield.

The Challenges of Social Compliance

The FCA, FDA, SEC, FFIEC, and FINRA are just a few of the regulatory agencies that have recently published guidelines for social media use. Regulated companies have struggled not only to keep track of the sheer number of rules out there, but also to stay up to date with the latest versions of these regulations, which have been revised repeatedly over the past several months.

The focus on compliance has also brought another challenge to light:  finding violations within the unique linguistic context of social media. As opposed to more formal communication channels, the content across different social platforms differs greatly in terms of language style and tonality, making it all the more difficult to detect subtleties that might lead to compliance violations. Finding a needle in a haystack becomes all the more frustrating if you’re unable to recognize the needle when you do find it.

Deep Social Linguistic Analysis

To help companies with this very issue, this week Nexgate released Deep Social Linguistic Analysis (DSLA), which combines deep content analysis and machine learning with rich contextual information and natural language processing to give regulated organizations – whether publicly traded, financial, or pharmaceutical – first-of-their-kind, pre-built detection policies for leading regulatory requirements.

[Figure: two example posts. Left: a true FFIEC Reg. Z violation. Right: a false positive FFIEC violation.]

As opposed to the average keyword, dictionary, and regular expression-based filters, DSLA understands the unique voice of social media and how it relates to the ambiguities of regulatory requirements. As demonstrated by the posts above, basic methods of combing through potential violations are not always accurate. For example, a simple search for “APR” as a means of finding FFIEC violations can lead to false positives, such as a major bank’s retweet of a Women’s Philanthropy event in April – obviously not an FFIEC violation. DSLA distinguishes between those posts that may be identified as a violation using a keyword search and a true Regulation Z violation, such as the post on the left by a credit union about auto loans.

[Figure: two example posts. Left: a true FINRA Customer Response policy violation. Right: a FINRA policy false positive.]

Similarly, a search for “lost…check” as a means to find FINRA Customer Response Risks might garner thousands of results, but it leads to another, equally problematic situation, since posts like the one above on the right (a false positive) surface right alongside those like the one on the left (a true positive). Unlike traditional search methods, DSLA is able to differentiate between two such posts, catching true violations without the noise and misleading results.
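To make the distinction drawn in the two examples above concrete, here is an added illustration that is not Nexgate’s code: the post describes DSLA as machine learning plus natural language processing, whereas this toy only contrasts the bare keyword search the post argues against with a rule that looks at how the keyword is used. The sample posts are constructed for the example and modelled on the post’s two pairs (an auto-loan rate quoted with APR versus “APR” as a month; a lost-check complaint versus incidental use of the same words); the labels, regexes and function names are this example’s own.

```python
"""Keyword search vs. a context-aware rule for two compliance cases from the post.

Added example, not Nexgate's code. It shows why bare keyword matching produces
the false positives the post describes, and how a rule that checks the usage of
the keyword avoids them. Sample posts are constructed.
"""
from __future__ import annotations

import re

REG_Z = "FFIEC Regulation Z: consumer credit advertising"
FINRA_CR = "FINRA: customer response required"

# Constructed sample posts: (text, note on why it is or is not a violation)
SAMPLE_POSTS = [
    ("Auto loans as low as 1.99% APR for 60 months. Apply today!",
     "true Reg Z trigger: a rate advertised with APR"),
    ("RT @SomeBank: Women's Philanthropy Luncheon, APR 24 at noon. Register now!",
     "false positive: APR is the month"),
    ("I lost my check and the branch won't help me. Who do I contact?",
     "true customer complaint about a lost check"),
    ("Lost in the moment until I had to check my watch. Great show tonight!",
     "false positive: lost and check used incidentally"),
    ("April showers, new rates! Check out our savings accounts.",
     "false positive: 'apr' inside 'April'"),
]


def keyword_filter(text: str) -> set[str]:
    """The naive approach: case-insensitive substring matches."""
    hits: set[str] = set()
    t = text.lower()
    if "apr" in t:
        hits.add(REG_Z)
    if "lost" in t and "check" in t:
        hits.add(FINRA_CR)
    return hits


# Reg Z advertising language: the whole-word token "APR" in capitals (so neither
# "April" nor a lowercase month abbreviation qualifies) together with a rate or
# a triggering term.
_APR_TOKEN = re.compile(r"\bAPR\b")
_RATE_OR_TRIGGER = re.compile(r"\d+(?:\.\d+)?\s*%|\bas low as\b|\bfixed rate\b", re.I)

# Lost-check complaint: "lost" followed within four words by "check" used as a
# noun (a determiner in front of it), plus a cue that a service problem is being
# raised with the firm.
_LOST_CHECK = re.compile(r"\blost\b(?:\W+\w+){0,4}?\W+(?:my|a|the|our)\s+check\b", re.I)
_COMPLAINT_CUE = re.compile(r"\b(?:won't|can't|help|contact|refund|account|branch)\b", re.I)


def contextual_filter(text: str) -> set[str]:
    """A rule that looks at how the keyword is used, not just that it appears."""
    hits: set[str] = set()
    if _APR_TOKEN.search(text) and _RATE_OR_TRIGGER.search(text):
        hits.add(REG_Z)
    if _LOST_CHECK.search(text) and _COMPLAINT_CUE.search(text):
        hits.add(FINRA_CR)
    return hits


def compare(posts=SAMPLE_POSTS) -> list[tuple[str, set[str], set[str]]]:
    """Run both filters over the samples; returns (text, keyword_hits, contextual_hits)."""
    return [(text, keyword_filter(text), contextual_filter(text)) for text, _ in posts]


if __name__ == "__main__":
    for text, kw, ctx in compare():
        print(f"{text}\n  keyword:    {sorted(kw) or '-'}\n  contextual: {sorted(ctx) or '-'}")
```

Run as a script, the keyword filter flags all five constructed posts while the contextual rule flags only the two that actually describe an advertised rate and a customer’s lost check. Hand-written rules like these still miss paraphrases, which is the gap the post says a learned classifier is meant to close.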

DSLA automatically identifies whether a brand is regulated, and then detects regulated content and checks to ensure it’s published through the correct communication channel based on the brand’s policy. It provides fast categorization and unparalleled accurate classification of compliance violations, and, if a post, tweet, or other social content violates policy, it will automatically remove the content from the page or wall. Additionally, any policy violations are automatically captured, categorized, and distributed for reporting and stored for legal hold and e-Discovery with leading archiving solutions.

To learn more about DSLA and how Nexgate can help your company comply in the rapidly changing world of social, contact us to schedule a demo.


Nexgate Launches SocialSyndicate for Automated Social Media Content Pre-checks

New Technology Lets Enterprise Organizations Centrally Collect Brand Social Content, Pre-scan it for Risks, and Syndicate it to Content Publishers and Content Libraries

SAN FRANCISCO, March 24, 2014 – Nexgate, an innovator in social media brand protection and compliance for enterprise brands, today released SocialSyndicate™ – a first-of-its-kind technology for social media security, risk, and compliance content pre-scanning and syndication to content libraries.

Available immediately, SocialSyndicate provides centralized collection and scanning of all brand-generated social content for risks and mistakes, including malformed shortened links, inappropriate language, sensitive internal information, and compliance violations under FDA, FCA, FFIEC, FINRA, SEC, and other regulatory requirements, prior to publishing on branded social media accounts. SocialSyndicate includes full workflow options, as well as the ability to export approved social content to Social Media Marketing Solution (SMMS) libraries. Content scanned by SocialSyndicate is processed with Nexgate’s patent-pending Deep Social Linguistic Analysis (DSLA), which offers highly advanced content classification designed specifically to address the sophisticated challenges in accurately and automatically detecting the many content risks facing organizations engaged in social media.

Social media is a powerful medium and channel for brands to communicate with their audiences.  Much of its power is derived from the organic, authentic, and real-time nature of shared content. Unfortunately, that means brand managers often have to choose between being too slow and less engaging or too open and susceptible to risks. SocialSyndicate helps solve that problem by providing a central point to very quickly and easily collect and vet organic social content and make it available to any of an organization’s preferred social publishing mechanisms.

Regardless of an organization’s industry there are often regulatory challenges to be addressed on social media. Some industries, especially those in the financial services, insurance, and healthcare verticals, as well as publicly traded organizations, face even more pressure to both create and enforce compliance policy for social media communications.  However, until now, safety and compliance checks have often relied on manual processes with spreadsheets to deal with the variety of social content sources and the heterogeneous publishing mechanisms on social accounts. This manual workflow creates a cumbersome process for teams and is both overly mechanical and antithetical to the authentic, immediate, and organic nature of social media.

Nexgate’s SocialSyndicate alleviates this challenge and improves the return on investment in SMMS publishing and content libraries. SocialSyndicate acts as a central portal where any employee can submit social content, have it scanned for safety and compliance, and then make it available for distribution via any SMMS publisher or content library. Using DSLA, Nexgate scans the post or tweet with over 100 built-in classifiers to check for policy violations, and immediately reports back whether the content violates a regulatory policy, requires review by compliance or supervisory personnel, or is approved for publishing. All scans and results are audited, and automated workflow for multi-tier approval is available within SocialSyndicate for companies that want advanced content scanning combined with a more automated and streamlined review process.

“Social media has quickly become an important conduit for companies to engage with customers and audiences,” said Jesse Stay, Principal and Founder of Commerce Futurists, a company which helps large corporations adopt new paradigms like social media. “However, making social media engagement work effectively and safely for both marketing and compliance teams requires more capabilities to quickly pre-review content for risks as well as regulatory requirements like FCA, FFIEC, FINRA, and SEC requirements at the speed of social media. In addition to that emphasis on the speed required to keep social effective, it also means making that reviewed content more broadly available to all the social outlets an organization uses. Nexgate’s new SocialSyndicate is a terrific approach to automate what has previously been a manual and cumbersome content review process and, at the same time, propagate more content to more distribution mechanisms more quickly, all while mitigating risk.”

“The market has quickly shifted from a ‘maybe we’ll do more social’ to a ‘how do we do more social better, faster, and safer,’” said Devin Redmond, Co-founder and CEO of Nexgate. “This is why we’ve developed SocialSyndicate – to provide a better collection mechanism for the social voices and content of a brand, a faster and more thorough safety and compliance scan for that content, and an easy-to-integrate source for getting approved content into libraries, publishing platforms, and to social sellers. Using our highly sophisticated content classification engine, Nexgate customers can quickly pre-check content for safety, policy, and compliance risks, compliance teams can streamline approval processes with a full audit record, and social teams have an easy-to-use new source of approved content to distribute through mechanisms such as those from our partners HootSuite and Salesforce.”

SocialSyndicate is a cloud-based subscription service available for single and multi-year terms for enterprise brands using social media.

More Information:

• Social Media Regulatory Compliance
• Social Media Spam Report
• Social Media Risk Management Roles & Responsibilities Report

For more information on Nexgate, visit nexgate.com.



Malaysian Airlines MH370 Plays Out in Social Media

As the mystery of Malaysia Airlines Flight MH370 continues to unfold, millions of people from around the world are flocking to social media for updates, theories, and to express their concerns. Interest in the missing flight has created a flurry of not only legitimate news coverage, but also of phony stories and fake web links on social media, each promising breaking news and “shocking” truths about the fate of the plane and its passengers.

Fake MH370 Social Media Accounts

Fake Facebook and Twitter Accounts, claiming to be affiliated with Malaysian Airlines, have popped up virtually overnight. In less than a week since the crisis began, social media accounts affiliated with “Malaysia Airlines” grew from roughly 50 to more than 680 across Facebook, Twitter, YouTube, Pinterest, and the other leading social networks.

[Chart: social media accounts affiliated with Malaysia Airlines]

Scammers seeking to capitalize on the misfortune of others are taking advantage of the story to mislead and defraud those who mean well. And hackers are spreading malware through the social web via new Facebook scams (as reported here) to take control of users’ social media accounts.

For spammers and hackers, any occasion that captures public attention – regardless of how sensitive – is an opportunity to snatch personal information and spread malware, and the disappearance of the Malaysia Airlines plane is no exception.

Many of these pages circulating on Facebook and Twitter include videos with salacious, reprehensible headlines, including:

“Shocking Video: Malaysian Airlines missing flight MH370 found at sea”

“Malaysian Airplane MH370 Already Found. Shocking Video Release Today by CNN”

“Plane has been spotted somewhere near Bermuda triangle. Shocking videos released today. CNN news”

“MH370 Malaysia plane has been found. Shocking videos released today. Last video of passengers crying released”

[Image: fake MH370 video post]

After clicking, users lured by these videos are typically encouraged to share the “news story” and then find that they must complete a survey before the information in question is “revealed.” In actuality, there is no video or news story. Instead, scam artists profit from the fake surveys by selling the personal information (e.g., email addresses, phone numbers, etc.) divulged by users taking the survey – whether the user inputs the information directly into the survey or confirms a request for profile access – to third-party marketers.

Malicious and Inappropriate Content

Many of the fake links also redirect users to pages that strongly resemble real Twitter or Facebook pages, and even imitation news sites that users are prompted to share over their social accounts to infect their pages and the pages of their friends and followers. But fake links and phishing aren’t the only problem. Adult content, pornography, hate speech, malware, and other content now litter the pages associated with Malaysia Airlines. Below is a chart that shows the rise in “bad content” on these pages, which has grown from virtually zero before the plane’s disappearance to more than 3,900 instances in days.

[Chart: rise in bad social content on Malaysia Airlines-affiliated pages after MH370]

Social Media Spam

Much of this content is spam, such as we’ve included in the screenshots below. Spam spreads like wildfire – just one post can potentially infect an entire community, as one person’s click can be leveraged to get their friends and followers to unsuspectingly “like” and share that spammy post with others. Links to malware can infect your accounts or, even worse, your computer, and provide hackers access to your personal information.

[Screenshots: three MH370 spam posts]

Social media is a tremendous source of information and comfort, especially in a time of crisis. Unfortunately, however, it can also serve as an opportunity for spammers, fraudsters, and hackers.

To mitigate risk and safeguard both themselves and a branded social media account, marketers and their brand’s followers must be cautious and put good safeguards in place – such as using social media content filtering to weed out spam, malware, and bad content from their pages automatically.
