Tech Tips: Simple steps to securing social media accounts

Criminals like to hijack consumer social media accounts to distribute malware, ransomware and ads. Here’s how to evaluate your privacy settings and lock down your accounts to minimize the risks.

Strong passwords are critical to keeping hackers out of your accounts. But trying to manage passwords manually tends to encourage weak passwords because they’re easier to remember. That’s also why many people reuse passwords, so they don’t have to remember new ones.

Instead, try a password manager like KeePass or 1Password. These utilities create a secure vault to store passwords, answers to security questions, and other login information. They also can generate random strong passwords for you. The ability to autofill your login information is a big time saver and helps keep your accounts secure.

You also should enable two-factor authentication on your social media accounts. Two-factor authentication (also called 2FA or 2SV, for two-step verification) adds an extra layer of protection by requiring a one-time code in addition to your password.

Strong antivirus software will help block malware and adware. It’s also a good idea to use a security extension or plug-in for your web browser. Your antivirus software may come with one, or you can use a free extension like those available from McAfee, AVG or BitDefender.

Next, take a look at the privacy settings for each account. Hackers glean information from social media accounts for use in phishing and other scams. You should limit access to your contact information and friends list to friends only, instead of public or everyone. Similarly, don’t post to public. Instead, set your posts and photos so they’re only visible by friends.

Be careful when accepting friend requests. Hackers create fake accounts to entice you into friending them for that extra access to your info. They also may impersonate people you know, either by hijacking those accounts or creating fake ones with identical information.

Watch for phishing emails and instant messages trying to steal your login information, especially from friends with hijacked accounts. One popular scheme is sending you a message from a friend’s account with a brief message like “is this you?” and an unknown link. The criminals are hoping you’ll click without thinking, because the message seems to be from someone you trust. If you click the link, you may be prompted to enter your social media login on a site that looks identical to the real thing. Don’t do it! This is an attempt to steal your password.

To check if your account already has been hijacked, look at the login information for each account. It will tell you what kind of device logged in, and the approximate physical location. If there’s anything you don’t recognize, remove it and change your login information immediately. Unusual activity on your social media account also can be an indication that a hacker has access to it. If you notice posts you didn’t make, friends you didn’t friend, or other activity that isn’t yours, change your login information and report the incident to the social media site.

• Triona Guidry is a freelance writer and consumer technology specialist offering tech support and advice for home computer users. For free weekly tips and news by email, subscribe to her Simple Tech Tips blog at