Business Library Home > Featured Columnists > chris crum

Share with a FriendShare / Print this ArticlePrint / Sitemap

What's Hot in Small Business – Chris Crum

What's Hot in Small Business – Chris Crum
Chris Crum writes for Small Business Resources about what's new for small business. Chris was a featured writer with the iEntry Network of B2B Publications where hundreds of publications linked to his articles including the Wall Street Journal, USA Today, LA Times and the New York Times.

Making Your Facebook Business Account More Secure

Making Your Facebook Business Account More Secure

Last month, engineers at Facebook discovered that some attackers found a way to exploit a vulnerability in the social network's code that specifically impacted what the company calls the "View As" feature. This is designed to enable people to see what their own profile looks like to other people.

The vulnerability allowed these attackers to steal Facebook access tokens, which provide temporary access to Facebook APIs (Application Programming Interfaces). Stealing the tokens allowed the attackers to take over people's accounts.

"We’ve fixed the vulnerability, informed law enforcement, and reset compromised tokens so attackers can no longer use them to log in," Facebook said in a blog post on the subject. "We don't yet know if any accounts were accessed using these stolen tokens, but we are working to proactively identify any unauthorized access. Detecting and preventing fraud is extremely important and something we take very seriously. While we have not detected any malicious activity with business accounts, our investigation is ongoing."

According to a report from The Verge, a hacker managed to steal login information for as many as 50 million Facebook accounts.

In light of this discovery, Facebook provided some tips to business owners on how they can make their accounts more secure, although the company did say that no action is required by businesses or users to fix the actual vulnerability.

Facebook recommends checking your contact information in Account Settings. They advised that there is no need to change your password, but making sure email and phone information is accurate can help you regain access to your account in the event that you lose your password. Surprisingly, changing your password was not recommended as the company said this would not be necessary.

Facebook noted that if you administer a Facebook Page, Group, App, Ad account or business, you should take a look at roles and permissions on your account for any unauthorized changes or new admins you don't recognize. If you do find an unauthorized admin or suspect someone has gained access, be sure to report the issue using Facebook's help center.

Finally, Facebook said it recommends looking for changes to payment details in Payment settings on your account, reviewing active campaigns in Ads Manager to check for changes to ads, bids, or budgets, and looking for any listings you did not create on your Marketplace account. In the event that you do find anything suspicious, you should again report the issue using Facebook’s help center.

Security and fraud concerns have long plagued users of the world's largest (by far) social networking platform, and the seriousness of having a secure account has only become more important as more commerce-related activity takes place using Facebook. If you do, in fact, use Facebook for business, follow the company's advice and check for anything suspicious just to be on the safe side.

According to CNN, the recent security flaw was Facebook's "work hack ever," and it could still "get worse."

These articles are provided as a free service to you for your internal, noncommercial, informational purposes only and are prepared by a third party. We do not control and are not responsible for the content of the articles, which may include inaccuracies, and we do not endorse, sponsor or recommend any advice or other information provided in the articles, which may or may not be suitable for you. Your access to and use of the articles is subject to the Synovus Web Site Terms and Conditions of Use.