The Semacraft Blog

When Your Brand’s Profile is Hijacked.

without comments

Brands have been establishing outposts on social sites such as Facebook, Twitter and LinkedIn now for a number of years. The last two years have reached fever pitch. Here are some basic realities of these profiles as we have found in our very unscientific survey.

  • Many brands that have started experimenting on these sites update their content by logging in directly.
  • There are organizations that use third-party services such as Co-Tweet and Hootsuite to update their content.
  • Some organizations have been outsourcing the management of their outposts to agencies.
  • Many profiles managed by agencies and/or brands with social media teams are updated by more than one person.

Here’s my take. The weakest link in the chain is the username and password. The efforts that have been made by criminal cyberspace gangs over the past decade to harvest identity data should worry administrators some. The Mariposa bot was a big wake-up call for us.

What does this mean for brands with a presence on the social web? Simple. Your website used to be a primary target for hackers. Now it’s going to be your social web profiles. Here’s a scenario.

  • Brand A is a gourmet restaurant franchise.
  • Brand A’s employee 227 manages the Twitter and Facebook profiles. He loses his laptop computer to a thief and the said computer ends up in the hands of Gang Y who find information valuable. Information such as usernames and passwords.
  • Gang Y log in and sends messages to followers/fans inviting them to download x-rated videos at a special discount rate because they are fans of Brand A.
  • Brand A discovers the breach when followers/fans begin to complain. As far as they are concerned, the messages came from a valid account they have a history with. They probably won’t believe it when Brand A claims to have lost control of their profiles for a period.

That, I think, is a veritable disaster. Does your business have a disaster plan for this sort of thing? Do you have policies or a strategy designed to ensure login credentials are secure or determine what to do when they are compromised?

Here a five things that can help you get a handle on things.

  1. Have a strategy that ensures passwords across the organization are strong and that explicitly directs what is to be done in the event of a breach.
  2. Lock things down. When you discover you’ve been hacked, revoke all access to the profiles other than direct login via the social site’s login page. Change all passwords immediately.
  3. Report the attack. It’s important to show some proactivity to reassure the both the fans/followers as well as the site that you are back in control.
  4. Tell the story loudly. Let your fans know you were hacked, which messages were not from you and that you’re back in control.
  5. Plug the leaks. Sometimes weak passwords are not the problem. It could very well be poor enforcement of security such as leaving logged in laptops unattended in public spaces.

Help me grow and improve this list. What’s your take?

Written by Muchiri Nyaggah

August 16th, 2010 at 5:10 pm

Are Brands Social on ‘Social’?

without comments

Apparently, not many brands are. I have long argued (ok, maybe only for a year or so) that brands that have a presence in the social media space aren’t necessarily social. Many of them just use social tools to do marketing or PR the same old way.

This article confirms (at least in the UK) my non-scientific research. Setting out to ‘do’ social is not authentic. We have to set out to BE social. Not responding to someone who is obviously talking to you is just plain rude but apparently that hasn’t stopped 43% of the top brands from ignoring tweets completely.

Have a look at this post, very insightful.

Makes me wonder whether brands that aren’t social in social spaces have the cultural capacity within them to deploy Social CRM technology. What do you think?

PS. #scrmpioneer is a great place to join a conversation around Social CRM.

Written by Muchiri Nyaggah

August 6th, 2010 at 12:46 pm

Dr Pepper’s Facebook Fiasco May Have Negligible Impact

without comments

Lean Mean Fighting Machine, the UK agency that won Coca Cola’s Dr. Pepper account came up with a wildly risky Facebook campaign. And the executives at Dr. Pepper signed off on it.

Carrying on from a porn(ish) viral video, they created a new campaign using a Facebook app that takes over your status update (if you let it). There was a chance to win £1,000 if you let the app have it’s way and post what promised to be embarrassing status updates under your account. Here’s the story in better detail.

Read the rest of this entry »

Written by Muchiri Nyaggah

July 21st, 2010 at 5:01 pm

The Achilles Heel in Corporate Social Media Strategies.

without comments

I had a conversation with a client who was looking to roll out a social media campaign recently. They seemed to have all their bases covered. They had formal authority from management, great sources for content, a team of creatives working on copy and graphics, a monitoring platform…I was quite impressed.

And then I asked, ‘What happens if your Twitter account is hacked and porn related tweets are sent to you 20,000+ followers?’

There was dead silence.

It was only then that I realized how much even we had failed to emphasize this aspect of online security adequately in the recent past.

Do you know what you would do? Does your organization have a policy on how to respond to this type of situations?

Let us know what your Plan A is.

Watch this blog for a social media crisis response strategy uploading real soon.

Written by Muchiri Nyaggah

July 15th, 2010 at 1:37 pm

In Honor Of People

without comments

Social CRM is, in our opinion, underpinned by an attitude to business. An attitude that genuinely wants to provide customers with extraordinary experiences and actively seeks out ways of doing it consistently and in a scalable way.

Here’s our thought on Social CRM. We call it our one-page manifesto ver 0.1a

Read it here In Honor Of People

Written by Semacraft Team

July 1st, 2010 at 1:39 pm

Follow

Get every new post delivered to your Inbox

Join other followers