Comments
In an increasingly social-media influenced world, we are all aware of the benefits that an engaging presence on social networking sites brings to a brand. Success on social media enables businesses to create unofficial, yet involved, brand ambassadors who are genuinely excited about their products and services and are willing to share them with family and friends. But there is always a flip side. As social media platforms become the predominant form of customer communication, the threats to companies and brands are also becoming a part of their digital presence. These include several obvious risks to malicious and almost irreparable brand attacks.
Statistics tell the tale! Nearly 600 new fraudulent brand accounts were created each month between April and June 2016 on social media sites Facebook, Twitter, YouTube and Instagram, according to a study by Proofpoint. Furthermore, nearly one in five of the 5,000 social media accounts connected with the top 10 global brand names were fraudulent.
PayPal is no stranger to this. After several instances of discovering fake support pages on Twitter and Facebook, we have identified a few key mistakes to avoid that can offer ‘hijackers’ more opportunities to impact the brand’s reputation. While prevention might be the ideal state to aspire to, it is not realistic in every scenario. These steps can help brands detect the threat early, so that they can act accordingly.
Don’t give others the opportunity to hijack your brand Cyber criminals are always on the lookout for opportunities to take advantage of a brand’s lax social media policy. Several brands don’t climb onto the social media bandwagon soon enough, giving hijackers the opportunity to claim the space for themselves. This involves creating a fake page with the brand’s name and convincing potential customers of its credibility. They also offer free perks and customer service action. Companies should create and maintain an official social media presence on major social media sites even if their usage of these sites is infrequent. And if their brand has been hijacked by fraudulent imposters, their customers must be made aware of the situation quickly. Companies should also communicate with customers repeatedly that only their official sites – and no other platform - will be used to make announcements about new products and services.
Ensure accountability A brand’s presence on social media consists of a collection of accounts created by the company. If the creators of these accounts do not coordinate the activities with the designated regulatory authority inside the company (for example, the info-security team) by keeping them in the loop, measures cannot be taken to prevent data exploitation. Companies must monitor all their processes that relate to social media by following proper security protocol to guard themselves against fraudsters.
Be aware of your social presence Companies usually assume that the information they post on social media is the only information available about their brand. This is usually incorrect as a lack of monitoring enables cybercriminals to create fake content that can lead customers astray as well as damage the company’s reputation. These accounts that impersonate the genuine brand must be identified and dealt with at the earliest to limit the damage caused to the brand. Creating and maintaining an inventory of a brand’s social media presence is key to discovering nefarious social media accounts when they do inevitable crop up.
Report fraudulent sites Identifying fraudulent sites is central to solving the problems that a brand faces in the social media domain. Companies usually restrict this activity to their own security teams, ignoring the groups that are equally affected by the fraud: customers and industry organisations. Sourcing reports from these groups is the best way to identify and deal with threats to the brand image. Security teams can collate and evaluate the tips they receive and reach out to the relevant authorities to rectify the situation.
Install a mechanism to take customer reports on fraud
Customers should be empowered to conveniently report instances of brand fraud to the company. It is here that the roadblock exists as most companies do not have a centralised system to report fraud and therefore miss out on vital data that can help save them from character assassination.
This gap in the process results in time delays and increases the potential for damage to the company. These delays can be reduced by developing a response plan that includes the documentation that should be collected as well as who should be contacted at the company and the social media site. In addition to this, a standardised means of reporting fraud information can help streamline the process.
Even if the information about brand fraud is verified, it may not be understandable to the customers who need it, leading to even more delays. By presenting the material in a simple, concise manner, customers can be better informed.
Preventing social media brand fraud will remain a challenge because of the generative nature of social media platforms and the proliferation of new and more creative scams. While these measures might not completely stop this kind of abuse, it will certainly raise the barrier for protection and prevention.
Phoram Mehta is Head - InfoSec PayPal APAC
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.