How to Prevent Cyber Attacks on Your Google and Facebook Ad Accounts


ecurity, security, security; it’s all everybody seems to be talking about online. It led to the introduction of the General Data Protection Regulation in Europe, and it’s the reason why companies like Facebook and Google are investing billions of dollars each year. For users of all platforms, security and privacy are now at the top of demands. If you’re worried about cyber attacks as a business or marketer, we have an extensive guide today.

The Risk of Cyber Attacks

When it comes to cyber-attacks, one of the scariest thoughts is that no business seems to be safe from these menaces. While small companies don’t necessarily have the resources for protection, large companies are exposed more as they sell to people and operate all over the world. If Cybersecurity Ventures is to be believed, cybercrime damage will reach $6 trillion per year by 2021.

Elsewhere, around seven in ten business owners are concerned about cybersecurity and worry about the risks. In the first half of 2019, it’s thought that 4.1 billion records were exposed. With all of these stats in mind, it’s fair to think about your Facebook and Google Ad account more closely.

At the moment, some key security issues are causing concerns. As a user of these two platforms, know that one of the biggest problems is stolen/weak passwords and other credentials. Fortunately, this is easily fixed (as we’re going to discover with our tips!). After this, data breaches are commonly caused by:

  • Social engineering
  • Allowing too many permissions
  • Malware and other harmful systems
  • Vulnerabilities in applications
  • Insider threats
  • User error

As marketers on Facebook and Google, allowing hackers and attackers access to our accounts is detrimental. Firstly, they could get your banking information, set up campaigns in your account, and cost the business lots of money. Secondly, they could expose the personal details of your audiences and cause a huge backlash. Suddenly, the information of your audience is released, and your company receives a negative reputation for security and privacy at a time where you need it most.

Limiting the Risk of Cyber Attacks

Sadly, the threat of cyber-attacks will never dissolve completely. However, what we can do is limit the risk by taking specific actions with our accounts, browsers, and internet practices.

1. Encourage a Security Conscious Workplace

One of the most frustrating things with cyber-attacks is that a good percentage could have been prevented with some additional security and caution. In a recent UK survey, around 43% of businesses were breached or attacked within a 12-month window. During the same period, less than half of this percentage offered training for staff on the matter. Despite the risks of cyber-attacks, companies still aren’t doing enough to educate staff, and this could leave your Google and Facebook Ad accounts vulnerable.

These days, banning personal devices can actually harm the business because you’re preventing employees from working while commuting, from home, and in conditions that make them more efficient. Instead of a ban, we recommend education and showing staff how to use their personal devices safely. For example, this includes information on unsecured networks. Especially when traveling around, they should know how to access networks safely in coffee shops, airports, hotels, and other locations.

Another pivotal area for preventing cyber-attacks is with permissions and password sharing. The more people that have access to Facebook and Google Ad accounts, the more routes that hackers have to…well, hack. With Ad accounts, only those who help with the campaigns should have access. As soon as a member of staff leaves, remove them from the permissions list and keep this list as tight as possible. By doing this, you not only improve security but also make marketing more consistent because the same people are dealing with problems and concerns.

2. Enable Two-Factor Authentication

With both Facebook and Google, we’re trying to protect a password. As soon as a hacker gets this password, they can access pretty much everything within the account. For this reason, you should take advantage of the two-factor authentication security measure available through both Facebook and Google.

As the name suggests, this adds a layer of protection to an account so that you aren’t reliant upon the password alone to access an ad account. Although the most common choice is an SMS message and code, other solutions include:

  • Physical fob
  • PIN number
  • Fingerprint scan
  • Iris scan
  • Pattern

With this, the password is followed by the extra step when attempting to log into an ad account. For example, it will ask you to enter the six-digit code that has been sent in an SMS to a number of your choosing. Since this number will get the code for every login attempt, you’ll know when a hacker is trying to access the account and can manage logins more closely.

3. Use Firewall and Anti-Malware Software

We mentioned earlier that malware accounts for a significant portion of cyber-attacks, and so it makes sense to reduce the opportunities that hackers have to attack us in this way. To small businesses, one of the biggest cyber risks is still ransomware. With this, the attacker will threaten to release data unless a certain amount of money is paid. Instead of contacting the authorities or preventing this problem in the first place, a shocking number of businesses just pay the ransom (of course, the traumatic experience doesn’t normally end here).

If you have an anti-virus tool, this is a great start. Yet, it isn’t enough alone. With experienced hackers, they can normally work in the background and improve their ransomware as new anti-virus software is released. Though anti-virus is good with some problems, it normally detects ransomware after anything can be done to stop it. We recommend investing in anti-malware tools and software that have been developed with ransomware in mind.

As always, prevention is better than a cure. In this case, prevention comes with an optimized firewall. With this, malware can’t even enter the system and you have layers of protection in place against all sorts of problems.

When running firewalls, anti-malware, and anti-virus software, we have one crucial tip that you shouldn’t ever forget - DO THE UPDATES. Cybersecurity threats are always changing, so you need the updates to remain protected against new and evolved threats.

4. Secure All Mobile Devices

Just like personal devices, it’s almost impossible to stop the tide of mobile devices. There are benefits of Android’s open-source nature, but the drawbacks come with the sheer number of hackers trying to find weaknesses in the code. Even with the secure iOS systems, you still need to take a proactive approach to security. Otherwise, hackers will compromise your mobile devices and your Facebook and Google Ad accounts are vulnerable.

Here are some mobile device security tips:

  • Perform updates as soon as they’re available - normally, they will contain security updates as well as aesthetic and functional changes.
  • Set a pattern, Touch ID, Face ID, or a passcode on the device - you’ll be surprised by the number of people who fail to set these basic security measures.
  • They might not have protection under the Fifth Amendment, but biometrics will improve security for your mobile devices. This includes iris scanning, fingerprints, and face recognition.
  • Set up Find My Device or Find My iPhone just in case you lose your device when out and about.

5. Use a VPN

What started as a trend has well and truly become a must-have for the security conscious. With a virtual private network, the benefit is that all data is encrypted, you can allow staff to securely access your ad accounts, it’s possible to share data, IP addresses change frequently, and information of your browsing is wiped as soon as you end a session.

If you choose this route, pick a provider that has a good reputation and plenty of happy customers (even if it means paying for a membership!).

6. Other Tips

To finish, here are a selection of other tips to prevent cyber-attacks on your Google and Facebook Ad accounts.

  • Optimize the privacy and security settings on Google and Facebook. You don’t always need to look for external solutions when the two tech giants offer their fair share of security measures. Follow the advice and secure your account.
  • Steer clear of unsecured public WiFi. On these networks, hackers can access any information you send including account credentials, emails, and even financial details.
  • Encrypt all messages (or use tools that encrypt your communications). With WhatsApp, you have an app that uses end-to-end encryption and it’s available across all platforms.
  • Check the permissions that you allow on both Google and Facebook. This applies to both permissions you allow to staff and when using apps.
  • Protect IoT (Internet of Things) devices including home hubs and voice assistants. If possible, run all home devices from a separate network to the one you use to access ad accounts.