In this social-media-fueled world, Facebook is a vital fundraising and communication tool for a thriving nonprofit. But the social media platform isn’t always safe.

One animal shelter recently discovered this the hard way when their account was hacked. A stranger had gained administrative access to the shelter’s page and posted a link to a fraudulent GoFundMe that claimed to be raising money for animals affected by the California wildfires.

The staff at the shelter removed the post and warned their followers it was fake, but the hacker responded by threatening to delete their page. It was only the beginning of a months-long struggle for the shelter’s donations. The shelter eventually regained control over their page, but said that Facebook was not helpful during the process and ignored repeated requests for help.

Hackers often target nonprofits because of their smaller size and lack of specialized IT staff. So how do you ensure that your organization’s page doesn’t fall prey to hackers?

Don’t fall for phishing

The shelter discovered that their account had been compromised after someone on staff clicked on a malicious phishing link. Stay safe online – carefully vet links on devices associated with your Facebook account. Strange links that may appear to be from supporters might be a hacker.

Use two-factor authentication

Make sure that there is a phone number linked to your account in addition to an email address, which will make it more difficult for hackers to access your account.

Have a plan

If your Facebook account gets hacked, it is vital to deal with the issue immediately. Designate a staff member to manage the crisis and ensure that Facebook is contacted early on and frequently about the breach, so that your account can be recovered as soon as possible.