When Social Network Security Can’t Protect You

Justin Michael is like many online users. He has a Twitter account and a Facebook account, as well as his own website.

He’s passionate about new technology and social media/networking and what it can do for you, personally and professionally.

Justin is also running for Mayor of Santa Barbara in the upcoming November 3 election. He’s using these social tools – Facebook especially – to help spread his political message, as well as his philanthropical one (Justin’s campaign message is “Humanitarian first, politician second”).

It seems a natural thing to do, when you see how much social media and online networks helped the Obama presidential campaign.

And it would be – if Justin wasn’t the victim of a cyber criminal who has stolen his identity on Facebook. Not just the fake account “fun” that Twitter suffers from – Justin’s legitimate Facebook account has been closed due to the actions of the cyber criminal.

Here are just some of the events so far:

  • Justin’s original Facebook profile cloned.
  • Account starts sending weird spam to friends and supporters.
  • Account starts to get flagged by cyber criminal so people believe real Justin is impostor.
  • Legitimate Facebook account deleted.
  • Spam attacks start on Justin’s Facebook political page.
  • Calls Facebook Palo Alto office and is advised to speak to cyber crimes division.
  • Files police report.

Justin’s tried talking to the person behind these attacks. The responses from the fake Justin Michael account show that the hacker isn’t too bothered about the legal ramifications. He’ll simply keep changing IP addresses each time the one he’s using is tracked.

The reasons behind the attacks aren’t clear. Justin suspects who the cyber criminal is. Maybe it’s politically charged? In one of the message exchanges on Facebook, Justin is advised that if he removes his Internet presence (MySpace, Twitter, Facebook) and reverts to traditional campaigning, his harasser will remove the fake accounts.

Whatever the reasoning, it’s another sad example of how vulnerable our identities are on social networks. It’s too easy to set up an account and impersonate a person or business. All that’s needed is a basic email account and some knowledge of the person or brand involved.

Sure, there are ways that you can protect yourself – brand monitoring, alerts and observant friends and colleagues being just some of the methods. But these will only alert you after the event. By then, the damage can be irreparable.

What about the social networks in question? Can they be more stringent in their account activation process? Possibly. But how do you know the initial account isn’t fake to begin with? And that you’re subsequently blocking the real person or brand from coming on to your network to try and limit damage control?

Sadly, there doesn’t seem to be any immediate and easy answers. For social networks. For cyber crime. For people like Justin Michael. For you, for me.

Social networking is the ultimate connection platform. The question is, are people connecting with you or someone else?

  • Note: With the political background and November dateline in mind, I asked Justin if this was simply a clever PR stunt to raise awareness for his campaign. He swears it is not.
  • Update July 18 – Following Katie’s comment below, this blog piece may offer some insight into reasons behind the Facebook fake account(s).
Sign up for free weekly content

Enter your first name and email below to get my free weekly newsletter with the latest posts, recommended reading, content tips and more.

(I respect your privacy and will never spam you)

Blog consulting with Danny Brown

    Leave a Reply

    Your email address will not be published. Required fields are marked *

  1. Katie says

    I don't know this guy but I did live in Santa Barbara for many years so still follow the news. He's perceived by many as a liar/conman/fake and, while one must always perform due diligence w/the media, generally where there's smoke, there's fire. I think you should do searches in the local journals. For the most part, they have no axes to grind. You can start with this post and the comments: http://santabarbarasblog.com/?p=3346

    • says

      Thanks for the link, Katie. While my post is about social networks and how easy it is to fake an account, I'm always happy for both sides of a post to be discussed (I opened up dialogue with the “fake” account holder as a potential follow-up piece).

      The reasons for the attack(s) may have merit; they may not – it's not something I can really discuss without the full picture from both sides, and may yet be something that comes out sooner rather than later.

      In the meantime, I still believe that social networks like Facebook, Twitter, Ning, etc, need to improve their security if they want to continue growth and popularity, and not just for political reasons.

      Thanks for stopping by!

  2. John says

    I've ran into this guy and know him through people. Cocaine, lies, obsession with image, partying, hardly a mayoral candidate.

  3. John says

    I've ran into this guy and know him through people. Cocaine, lies, obsession with image, partying, hardly a mayoral candidate.