When Social Network Security Can’t Protect You

 

Justin Michael is like many online users. He has a Twitter account and a Facebook account, as well as his own website.

He’s passionate about new technology and social media/networking and what it can do for you, personally and professionally.

Justin is also running for Mayor of Santa Barbara in the upcoming November 3 election. He’s using these social tools – Facebook especially – to help spread his political message, as well as his philanthropical one (Justin’s campaign message is “Humanitarian first, politician second”).

It seems a natural thing to do, when you see how much social media and online networks helped the Obama presidential campaign.

And it would be – if Justin wasn’t the victim of a cyber criminal who has stolen his identity on Facebook. Not just the fake account “fun” that Twitter suffers from – Justin’s legitimate Facebook account has been closed due to the actions of the cyber criminal.

Here are just some of the events so far:

  • Justin’s original Facebook profile cloned.
  • Account starts sending weird spam to friends and supporters.
  • Account starts to get flagged by cyber criminal so people believe real Justin is impostor.
  • Legitimate Facebook account deleted.
  • Spam attacks start on Justin’s Facebook political page.
  • Calls Facebook Palo Alto office and is advised to speak to cyber crimes division.
  • Files police report.

Justin’s tried talking to the person behind these attacks. The responses from the fake Justin Michael account show that the hacker isn’t too bothered about the legal ramifications. He’ll simply keep changing IP addresses each time the one he’s using is tracked.

The reasons behind the attacks aren’t clear. Justin suspects who the cyber criminal is. Maybe it’s politically charged? In one of the message exchanges on Facebook, Justin is advised that if he removes his Internet presence (MySpace, Twitter, Facebook) and reverts to traditional campaigning, his harasser will remove the fake accounts.

Whatever the reasoning, it’s another sad example of how vulnerable our identities are on social networks. It’s too easy to set up an account and impersonate a person or business. All that’s needed is a basic email account and some knowledge of the person or brand involved.

Sure, there are ways that you can protect yourself – brand monitoring, alerts and observant friends and colleagues being just some of the methods. But these will only alert you after the event. By then, the damage can be irreparable.

What about the social networks in question? Can they be more stringent in their account activation process? Possibly. But how do you know the initial account isn’t fake to begin with? And that you’re subsequently blocking the real person or brand from coming on to your network to try and limit damage control?

Sadly, there doesn’t seem to be any immediate and easy answers. For social networks. For cyber crime. For people like Justin Michael. For you, for me.

Social networking is the ultimate connection platform. The question is, are people connecting with you or someone else?

  • Note: With the political background and November dateline in mind, I asked Justin if this was simply a clever PR stunt to raise awareness for his campaign. He swears it is not.
  • Update July 18 – Following Katie’s comment below, this blog piece may offer some insight into reasons behind the Facebook fake account(s).
 
Get my latest posts as soon as they're published

Enjoy this post? Then join 12,603 other smart subscribers and receive my latest posts as soon as they're published - simply enter your email below (I respect your privacy and will never spam you).

Alternatively, click here to subscribe to the RSS feed instead.

24 comments

Trackbacks