Is your business secure online?

Is it free from cyber attacks and getting hacked?

We’re going to show you exactly how to protect your online

business. Coming up next, do you want to create, market or

scale your online fitness business?

My name is Sean Garner.

And here we give Real Fit Pros to tips, tools and strategies

they needed.

Succeed Online.

Welcome to the Entra Fit Podcast.

What is up, guys?

Welcome to the Enter Fit Podcast.

This is a topic where I didn’t think a lot of people struggle

with this, and I thought it was common sense and stuff that

people knew.

But Unfortunately, I’ve seen this happen so many times to

fitness professionals, colleagues, friends, and it seems

like it’s kind of been more frequent lately.

So every time I share this with them, they go, oh, my gosh,

I had no idea or I didn’t realize it was that big of an issue.

So I wanted to share a few things with you guys that you

need to do, not just if you have an online business, but

just to protect your identity and just prevent people from

hacking, your accountants, dealing your stuff.

Think about this when you have an online business or an online

presence that is your digital storefront.

If you had a brick and mortar location and maybe you do,

you don’t just walk off at night and leave the thing unlocked

and don’t have an alarm system and not have security cameras.

You do everything you can.

You lock it up, you turn your alarm and make sure the systems

arm and everything.

You do stuff to protect it.

But when it comes to the online stuff, it seems as if people

are just so nonchalant with it so bad, people are taking

advantage of that, and they’re manipulating people.

They’re scamming them so they can hack into their account,

gain access to their information, and they’ll either hold

it hostage, and then you’ll pay them, and you’ll still never

get your accounts and stuff back.

Or they’re just jerks out there that will just screw up your

accounts just to screw it up just because they can.

And then they’ll go on their Merry way.

This is kind of what the stick is, if you will.

The thing that people are doing, what they’ll do is most

often they play on people’s fear and they get them panicking.

So they make irrational decisions.

Most often, the time it responds to something like this,

this is actually a situation that just happened this weekend

by a fitness professional.

Thank goodness.

As soon as they they let me know.

So we were able to come in and help them out.

But this typically what happens.

You’re going to get a direct message, an email, a phone call

that says something like, if you don’t respond within 48

hours, your account is going to be permanently closed forever,

and you’ll never get access to it again.

So as an online business owner, if somebody tells you that

you’re going to freak out like, oh, my God, I’m going to

lose all my social media following.

I’m not going to any more traffic to my website.

You’re going to start freaking out because you think you’re

going to lose everything.

You’re going to do whatever the person tells you, especially

if it kind of looks legit.

And because they get you in that emotional state and they

get you panicking, you make dumb decisions, and you don’t

start actually, just take a breath, step back and actually

read into this.

And so this person from this last week and they freaked out.

They clicked on some things.

And guys, I don’t want to fault this person because they

spent the past two years growing a sizable social media following

and gained a lot of influence on line.

So they thought there they were about to lose everything.

Guys, they gave this person in a matter of receiving the

message. Within five minutes, that person had access to their

user name, email, phone number, and password to their social

media account.

So you’re listening to this now kind of armchair quarterback

click. Oh, why would they do that?

How could they fall into that?

Guys, it happens all the time to some really, really smart

people. They just catch you off guard.

They get you in this emotional state to where you end up

making these poor decisions.

Luckily, this part of this fit pro.

As soon as she did that, she reached out and she said, hey,

I just got this.

Have you ever seen this before?

I instantly red flags.

And here’s some of the red flags that I saw.

One, if any, legitimate source, let’s say Facebook Instagram,

Google support sends you a message.

It will not go to your spam folder.

Think about that.

They own the account.

They own the platform.

It’s not going to go to a spam.

They can control exactly where the message.

So that’s one red flag.

If you’re getting messages to your spam, guess what?

They’re going there for a reason.

They are spam it’s from somebody that you don’t know, or

it’s been flagged as spam before.

So that’s the first red flag that I saw.

The next thing is, whenever you click on the link to go to

their, quote, unquote support to prove you haven’t violated

anything, it wasn’t even on one of their servers.

It was like Help Online account had nothing to do with Facebook

Instagram, Google, any of that stuff.

It was obviously a bogus account.

So those are obviously a few red flags to see.

So thankfully, what happened?

As soon as they let me know what happened, we helped them

log into their account.

As we were logging in, we could see the other person was

in the account.

At the same time, we were able to change the password, change

the email address and everything, throw on some extra security

measure, and then log that other account out, so they got

everything saved.

Thankfully, they acted quickly.

But I want to give you guys today a few tips just to make

sure that you’re protected so you don’t fall prey to a scam

like that.

So grab your notepad, guys.

This to me, is a non negotiable.

You need to do all of these things if you don’t want to lose

your business.

If you don’t have these things in place.

This, to me, is the equivalent of leaving your doors unlocked

and not having an alarm system for your business, right?

If you get robbed, that’s your fault.

You didn’t take the necessary measures to protect yourself,

protect your business, protect your investment.

So same thing if you don’t do this stuff is all of the stuff

that I’m going to tell you to do today is free.

So there’s kind of a non negotiable reason.

There’s no reason why you should do these things.

What I’m trying to say.

So here we go, guys.

These are a few simple things that you can do to protect

your identity and protect your social media profiles and

your websites from getting hacked and losing everything.

So the very first thing, guys, is kind of the no brainer,

but don’t even fall victim to this kind of stuff.

Make sure that you don’t click on any spam email links.

Respond to any spam DMs with links in them, click to any

text links.

Now they’re starting to send stuff.

You probably see this all the time.

Texting links to you.

Spam phone calls where they’re wanting you.

Press numbers and stuff.

Guys, just start off by putting up a defense.

I don’t answer the calls, don’t respond to the text.

If you can tell it’s a spam text immediately, just even delete

it. Don’t open it because just like with emails, they can

tell if you’ve opened the text or not, and it’s a legit number.

They’re just going to keep spamming you even more when it

comes to the direct messages and stuff.

Never click on any links just to lead them.

Block it.

Add it to spam.

Add it to your spam folder on social media, but do not click

any links and anything.

You will never get any type of legitimate support question

asking you to click on something like that.

And if so, look at the servers that it’s coming from.

And even with that, guys, people are super smart.

They can mask servers, which what that means is it makes

it look like it’s coming from support at Facebook com when

it’s really coming from some guy in a closet overseas.

So think about that.

And one is just always be on alert.

If something feels suspicious, it probably is.

If it looks shady, it probably is shady.

So don’t even go down that road.

The second thing, guys, is use a strong password, change

it often and make it different for each service.

So this is what I mean.

One is use a strong password.

If your password is password 12345, you should right now

just just slap yourself and change your password.

And then on top of that, you need to change it often.

What I have found is most of the time people get a password

and that’s like their, quote, unquote password, and they

just keep it.

They don’t ever change it or update it.

So that means they’re going to get slack on their security.

And the thing that’s even worse with that.

The third thing is, don’t make it the same thing for everything.

Do a little self assessment right now.

I bet I feel pretty confident you probably use one to two,

maybe at most.

Three passwords for everything.

Taking social media accounts, bank information on any type

of server, logins all of your passwords for all of your accounts

are probably you recycle the same three passwords.

If not.

Hey, that’s awesome.

You’re at least a little bit better than the majority of

people, but most people guys, they’re going to use one password

for everything.

Why that’s so dangerous?

Hackers know this guy, so they know that they can get access

to one of your accounts.

Most likely that password is going to work on anything else

they want to get into.

That’s why these scams and stuff get so dangerous.

It might seem like, oh, it’s just innocent.

They just needed my Facebook Messenger login, my Instagram

login. They get your password.

Now, they have a pretty good idea what your passwords are

for your bank and all kinds of other stuff that you’ve created

online accounts for.

So one thing that I use guys are several different services

that you can use for this.

One that I really like is called one password.

I do believe it is.

There’s another one called Last Pass.

I’ve used that in the past.

One password is an app that you can download works on your

computer. There’s a Google Chrome plugins and stuff with

it, and it makes it to where you make this really long, crazy

secure password.

And then that auto fills passwords on everything else.

There’s an app on your phone, so it remembers it for all

of your other apps and stuff as well.

You can also do secure notes on there.

So if you just have random information that you don’t want

anybody to see, you can use that.

And you can secure that by using it.

App, like one password.

Check it out.

One password, Last Pass, or the two that I’ve used before.

I’m sure there’s tons of them out there to make sure you

do your research.

You find out what’s best for you, and that it’s a legitimate

thing. But those are kind of cool, too, especially if you

have a team.

You can have one password that you give to them, and you

could create sub account so you could create, like, a master

password for them that only gives them access to your social

media account.

So if you have, like a third party, like agency or something

helping to manage that stuff, or you can create one that

just does your website stuff pretty cool.

So that way you have one password so you can see everything

and it helps you.

So you don’t have to worry about remembering all these passwords.

You can keep all your notes in there, and at the same time,

you can easily share passwords with people that are working

in your team without giving them your main password.

Really cool, guys.

Check out that stuff.

The next thing is set up two factor authentication.


I am by no means an online cyber security network expert

or anything.

This is just basic common sense.

So two factor authentication just means another step of verifying

your identity before or you get to log in.

So most people do have this enabled, I found recently, but

what they do is they have it where it just text them or it

sends them an email.

That’s why these hackers, when they reach out, they ask for

your phone number or your email at the same time.

So even when the two factor kicks on, they still have access

to it.

What I personally use and recommend, and there’s several

of them out there.

This one is free, though, is Google Authenticator.

So Google Authenticator is a two factor authentication.

So what it does is it is only used on your cell phone, so

only you have access to this code.

You have to have your face scan and password to access it.

But you have these two factor codes for all of these different

services and online passwords that you use, and that code

changes like every 30 seconds.

So let’s say you wanted to log into Instagram and you have

the two factor authentication app enabled.

Well, what would happen is as soon as you logged into Instagram,

you have 30 seconds now to go into that other app app, copy

the password and paste it in before it refreshes.

This makes it very, very difficult for people to hack your

account because they can’t do it unless they also have the

password to your cell phone, the password to the Authenticator

app and actually are physically holding your cell phone.

So that’s a really great thing.

I highly recommend it, and I use it for everything for all

online password, social media profiles, banking information,

guys, everything you should have that two factor authentication

on and also highly, highly I highly recommend that it is

done with a two factor authentication app like Google Authenticator.

Again, that’s a free app.

Just check it out in your app store.

The next thing, guys, is check account roles and who has

access. So you may have a team, maybe your solo Perner doing

this by yourself, but maybe even have just some VAS working

with you.


Always check admin privileges for different services that

you have.

Have you created several admin or moderator accounts on social

media profile, on websites in form groups.

Just always good practice just to go back in and check just

to make sure people haven’t somehow figured out how to upgrade

their privileges.

So they’re not accessing information they shouldn’t.

Because even though they may be good people or not doing

anything malicious, they could get hacked by following prey

to one of these schemes.

And then somebody else has your information not through you,

but through one of your team members.

So always be cautious.

Make sure you got best practices set up.

And your team members that are working with you and with

your accounts as well have this information set up for you,

too. The last thing, guys, and then we got a bonus thing

at the end that I came up with as we were typing this out

just now is consider creating an email account just for social

media account information.

So you might have social at whatever your domain is com.

And the whole purpose of that email account is so spam messages

can get sent there.

If people are reaching out to you on social media, that can

get sent there.

But that’s where all the social media profiles are tied to.

So should somebody hacking to your account.

You also have another backup email account, so they don’t

get everything, because that’s the whole point of all of

this stuff, guys, just putting up walls and layers of protection.

So that way, if somebody does get a small piece of it, they

don’t get everything.

That’s what we want to do, because that’s kind of the worst

case scenarios.

It might seem innocent.

Like I said, where it’s just an Instagram password, but they

end up getting access to everything and even personal financial

information. I could get really, really bad.

So it’s another best practice I recommend is having an email

account set up just for social media profiles to connect

to. So last last thing, guys, is just another best practice

is back up all of your data and everything that you do, especially

your content.

What a lot of these hackers will do is they will come in

and they’ll steal your account, they’ll wipe it out, and

then they will sell your account.

You can actually find sketchy websites online where somebody

will sell you.

You’ve probably even gotten spam messages about this service

where somebody will sell you a social media account, where

it’s like 500 follower fitness based account.

What they’ve done, they’ve hacked somebody’s account just

like this.

They’ve wiped out all the images and then and deleted pretty

much wiped the account out, except for the follower account.

And then they sell that to somebody else that wants to work

in fitness.

So that way it’s fitness based followers.

They are real followers.

They’re not following you where they’re following somebody

else that they got their account hacked.

So what I always recommend people do is say you’ve got the

worst case scenario here just to protect yourself.

Back up all of your content.

Guys, on any type of, like, backup service, download and

save your website.

You should have that auto done for you with whoever your

web server has gone through.

Do something like Google Drive or Dropbox a backup all of

your social media account.

All your YouTube videos, guys, always back them up before

you upload them social pictures.

Any of that stuff.

Guys, that could fall.

Imagine if you lost everything.

You need to have a backup for those things.

So the things that are important, guys, you should be backing

that date up.

Use something like Dropbox or Google Drive to use that.

Man, Guys, I hope this video this podcast episodes adds value

to you guys.

This is definitely going to be one you’re going to want to

share with your Fit pro friends so they do not fall victim

to these games.

Guys, this is your online business.

You must protect it so you can continue to change and serve

lives. Can’t do that.

If people are still in your stuff.

Protect you guys.

Put these things into place.

You can keep doing what you’re doing.

Changing lives, guys.

So thank you so much for checking out the Entropy podcast.

Man, wherever you guys are listening to us or watching this

ad, be sure to subscribe like and share this with your fit

pro friends.

We can change more lives.

Love you guys.

Have an awesome day, and we’ll talk soon.