It has been a week since the hostile takeover of Thomas More University’s Facebook page, and the institution is still waiting on a response from the social media platform.
Last week, the official Facebook account for Thomas More University was hijacked by unknown hackers who replaced the university logo with photos of women posing suggestively. The description has been changed from an educational institution to a video game creator. University officials have been working to regain access to their account to no avail.
Lyna Kelley, director of communications and public relations at Thomas More, said the university has not received any response from Facebook’s moderators.
“Our attempts to reach Facebook are still falling flat. At this time, we have yet to regain control of the old account. We have found a connection with a Facebook staff member who we hope can offer us some much-needed assistance,” Kelley said.
Kelley added that the process “has been very frustrating.”
The saga began when university officials on the social media account received a message notifying them all administrators had been removed, according to a TV interview with Dr. Kevin Reynolds, vice president of institutional advancement.
Officials with the university security team told local media the hacker isn’t holding the account for ransom and hasn’t asked for anything since the takeover.
Ironically, the account has gained more than 1,100 followers in the last week, so if Thomas More is able to reclaim it, they would do so with more followers than when they lost access.
In the meantime, the university has created a second Facebook account.
David Hatter, mayor of Fort Wright and director of business growth for IntrustIT, said all too often social media users think they’re “too small, or not important enough” for someone to be interested in their sensitive information.
Hatter spoke with LINK nky about steps anyone online can take to protect themselves from what he defined as a “crime of opportunity.”
“There’s nothing foolproof you can do to make sure that you never get hacked,” Hatter said. “But there are a lot of things … in many cases free things, that if people could just do them it would go a long way towards putting the kibosh on this stuff.”
Hatter said phishing scams are becoming increasingly sophisticated, too. They can come by email, text message or phone calls now. An easy-to-spot scam is one that is emotional and time-sensitive, demanding money to fix a problem.
Others are sneaky links that may look safe but lead users elsewhere, sometimes even to login pages that look like the real thing.
“A huge problem at the moment are phishing campaigns that will take you to a login page that looks just like the real Google or the real Microsoft login page, right? So to the naked eye and to someone that’s not skeptical … you land on a page that looks just like the Microsoft login page, enter your credentials, and now they got your user name or password,” Hatter said.
And for someone who may use the same username and password for several accounts, cracking the code to one account can create a windfall of problems.
Hatter said the best protection against compromised accounts and information is a strong passphrase and two-factor authentication. He advised two-factor authentication wherever possible, and said using a password management app is much safer than saving passwords in a browser. He recommended LastPass, but there are several highly recommended password managers and authentication apps that Hatter said will prevent “99% of scams.”
As for Thomas More, there’s no telling whether these steps could have prevented the takeover of the university account or when the institution will regain control.