Why Your Marketing Campaigns Could Put Your Company’s Digital Security at Risk

Successfully executing a digital marketing campaign will result in a number of benefits for your business, such as: increased brand awareness, higher SERP rankings, increased website traffic and most importantly, sales.

But what about the downside of digital marketing?

The more you grow your online presence, the more your website becomes a juicy target for hackers.

I don’t enjoy scaremongering, but data security breaches are a real threat.

Estimates suggest that the worldwide cost of cybercrime will increase to $2 trillion by 2019. Despite this, 87% of CIOs believe their security controls are failing to protect their business.

Here are some of the ways that your digital marketing strategy might be leaving your business vulnerable, and how you can fix them.

Social media

In the modern day, social media should be an integral part of marketing for every business. While social media is a powerful tool for staying connected with your audience, there are also risks that can leave you exposed.

Human mistakes

The most common social media breach is when an employee accidentally shares unacceptable content.

While most accidental status updates are nowhere near as catastrophic as what US Airways posted in 2014, mildly inappropriate or unprofessional content will still erode the integrity of your brand.

Red Cross had a damaging incident when an employee posted an unprofessional update on the brand’s official page when it was intended for their private account.

I recommend creating a documented style guide for social media containing instructions for your tone of voice, images used and preferred methods for interacting with followers.

Everyone who posts on behalf of your brand should read the document thoroughly and receive proper training. One mistake can have a long-lasting impact, so only entrust your social media channels to your most trustworthy employees.

Brand hijacking

When an employee posts something inappropriate on social media, it’s likely to be accidental – but if a hacker takes over your account, you can expect some serious hostility.

A few years ago, a hacker took over the Twitter account of Burger King and rebranded it to look like McDonald’s.

After posting a string of absurd tweets, the account was eventually suspended. It’s believed that a weak password choice for Burger King’s account enabled this breach to take place.

When choosing a password for your social media accounts, include a range of letters, numbers and special characters. Including at least one capitalized letter is well advised.

Common passwords such as your birthday, name, “qwerty” and “123456” should be avoided.

Incredibly, over 50% of people use one of the top 25 most common passwords. Don’t be part of this group.

Also, be careful when clicking on social media links. If you click on the wrong link, you could inadvertently become victim of a malicious attack that will allow a hacker to access you social media account or even worse, your computer.

Not so long ago, the devious Locky app targeted social networks by sneaking malicious code into image files.

Hover over all links before you click to ensure they’re from a reputable website and consider using a link scanner like URLVoid to be extra careful.

For long-term protection, consider purchasing ZeroFox. This tool scans social media every day and detects impersonations as well as other malicious activities.

If you suspect your account has been hacked, I recommend contacting a cyber security consultant immediately.

Telling thieves your location

Be careful when you mention your location on social media. If you’ve made it clear that you’re away from your home or office and won’t be returning anytime soon – this is an invitation for thieves to perform a robbery with a lower threat of being caught.

Numerous soccer players have had their houses raided because their fixture list is public and thieves know exactly when they’ll be away from home.

Thieves are appreciative of status updates that tell your whereabouts.

To keep yourself safe, never mention how long you’ll be away for and consider waiting until you get back home before posting your photos from exhibitions, trade shows and lectures.


For marketers looking to promote their businesses using blogging, WordPress is an extremely popular platform. As wonderful as WordPress is for creating and running a functional business blog, the platform does have vulnerabilities.

Interestingly, most hackers use automated bots to trawl through WordPress sites and detect ones with weaknesses. If your WordPress site gets hacked, it’s more likely to be an opportunist rather than personal attack.

Oftentimes, hackers may redirect your site to affiliate sites which provide them with income, or they can infect your downloadable files with malicious code – allowing them to access personal details from your customers.

How to keep WordPress secure

As with social media, picking strong passwords for WordPress is your first line of defence.

Try to avoid using “Admin” as your administrator name, since this will make logging in more difficult for hackers. You should also consider using an email ID instead of a username at your login, since email addresses are harder to predict.

2-factor authentication is another preventative step that I highly recommend. With this type of login interface, users must provide a password in addition to another authentication step, such as an answer to a secret question.

In my opinion, Google Authenticator is a must-have WordPress plugin.

Unfortunately, not all WordPress plugins are from reputable companies like Google. Many plugins contain vulnerabilities that can leave you open to an attack.

Before downloading a plugin, perform a Google search to check that no one else has had problems with the plugin in the past.

To be extra safe, consider only downloading plugins from WordPress.org. Everything uploaded to the Theme Directory or Plugin Directory has been extensively analyzed for malicious code or vulnerabilties.

You’ve probably seen cryptanalytic brute force attacks in your favorite Hollywood movies – they’re based on reality. Using automated software, hackers can relentlessly try to guess your login information using countless attempts.

To combat this, consider installing Login LockDown. This plugin allows you to limit the amount of login attempts from a particular IP address within an allocated time period – dramatically lowering the chances of success for a brute force attack.

I recommend using SSL to encrypt data and keep your admin dashboard secure. Check out this useful guide by Green Geeks to learn how to install an SSL certificate on your WordPress site.

To make your data more secure, consider changing your WordPress database table prefix from wp_ to something random that people won’t guess, such as: N4sit012S6_. If you’re not sure how to do this, download WP-DBManager so you can make the change, repair and backup your database easily.

Finally, ensure you have automatic core updates for WordPress. If you’re using a dated version of WordPress, the security flaws of the platform will be public knowledge – which can leave you vulnerable.

Email marketing

80% of retail professionals state that email is their most effective tool for retention marketing.

Despite this, email has some notorious vulnerabilities. In what was thought to be the largest email breach in the history of the internet, Epsilon became famous for all the wrong reasons.

This is the type of negative publicity your business doesn’t need.

Email security tips

Research indicates that 63% of data breaches are due to poor outsourcing decisions.

Outsourcing comes with tremendous benefits. You don’t have any of the overhead costs that come with in-house employees and you can select skilled, affordable workers from the international labor market.

However, before you choose to outsource your email marketing, ensure that the agency or freelancer has security protocols inline with your own. The cost of a data breach is never worth the money saved on digital outsourcing.

As an email marketer, you’re also a data gatekeeper. The more customer data you have stored, the more you’re at risk – so only solicit the essential information that you need and nothing more.

Always encrypt emails containing sensitive information. This prevents eavesdroppers from gaining access.

You may also wish to send your emails using a VPN for added security.

Do you have any tips for performing marketing safely and securely? Please let me know in the comments below.