Social Media Hackers Reveal Their Favorite Scams
I’ve just returned from SEOktoberfest, an exclusive Munich search engine optimization conference and annual underground SEO social bash. The vaunted event draws about 50 of the hottest black hat, gray and snow-white brimmed marketing scientists to shred data.
SEOktoberfest is prestigious and infamous. Anywhere in the world I don my SEOktoberfest hoodie, anyone in-the-know understands that a serious marketer is in the room.
My brilliant colleagues are stealthy marketers. We test smashing holes in the system and gently pry cracks open. SEOktoberfest underscores a sometimes-unnerving reality that many now-legit brand marketers are former hackers.
Before leaving Munich I asked friends, two of the deepest marketers (and one-time hackers) in the world, crucial questions plaguing social marketers:
- What’s the nasty stuff hackers can do to seriously mess with our personal and business social media profiles?
- How can we protect ourselves from such destructive social media dirty tricks?
This column is the first of a two-part series capturing answers ranging from mild to wild. So, sit back and get insight from folks who’ve been there–and (maybe) done that.
First up this week is Joe Sinkwitz, CEO of Intellifluence. Without sharing details, Joe’s exploits forced Google to make some notable changes. Totally white hat today, Joe moved from churn-and-burn black hat tactics to using his smarts to repair problems and assist agencies in cleaning up digital messes made over the last two decades.
Here are Sinkwitz’s top three tips:
1. Beware of negative social engineering.
Among the most debilitating experiences is having a brand’s identity stolen then used against you. It happens at greater scale in the digital world.
Little skill is required to copy a profile image and a few old posts. This seems innocuous until that troublemaker convinces a few of your friends that their version of your profile is real.
They follow with phishing attempts, misinformation and worse. If your accounts are not verified, things get more problematic, because theoretically a fraudster can apply for verified status and protect your audiences from you.
What can be done? Be diligent in policing against fraudulent use of your persona and cultivate an active audience. If you do find someone has co-opted your social profiles, skip the abuse claim process. Go directly to a copyright claim. Social networks react much faster to claims, because under the Digital Millennium Copyright Act, they’re legally required to react.
2. Watch out for fake friends.
A few fake followers isn’t a big deal. Neither is an inevitable pornbot follower.
Trouble starts, though, when social profiles see a coordinated attack. For example, you may have 1,000 followers tonight but suddenly find 5,000 spambot followers tomorrow. Imagine what that can do to the “accounts relevant to you” algorithms in Facebook, Twitter, YouTube and others — and how the channels decide who sees your content.
We should never accept friend requests from junk accounts, and we should be aware how a follower base affects your social reach. Purposefully increase your real follower count and report spambots as abuse.
3. Keep tabs on hashtag abuse.
So, you had that great campaign with solid, branded hashtags from an event, television campaign, or whatever. Don’t neglect those golden hashtags. Old conference hashtags are indexable in Google, so those old gems become prime targets for manipulation.
Periodically reshare best-of material on that great hashtag to help block out spammy noise. Consider using evergreen hashtags such as #JoeCon instead of #JoeCon2017. Own that same branded hashtag year after year.
Every time I attend SEOktoberfest, I have an amazing experience. Next week we’ll hear from Robert “RSnake” Hansen. Hansen is a great guy doing great work — all above board. But he has been known to work around the edges on occasion and his exploits have poked big holes in some big systems. He knows his stuff and we’ll share his top thoughts next week.
Until then, go cover your social assets.