SAFEGUARDING YOUR DIGITAL PRESENCE
Protecting Advertising and Creative Professionals from Social Media Hijacking and Ai-Powered Identity Theft.
by JG BEZUIDENHOUT – Offernet
Image/Picture source: Offernet
In the rapidly evolving social media landscape, Social Media Security has become a paramount concern for individuals and businesses. As digital security experts, our team has witnessed firsthand the sophisticated tactics cybercriminals employ to compromise social media accounts. Recently, there has been a notable increase in hijackings on platforms like Facebook, Instagram, and WhatsApp, with a significant number of these attacks targeting users in South Africa. This is particularly relevant for advertising and creative professionals who rely heavily on social media platforms for client engagement and brand promotion.
Facebook Profile Hijacking
Cybercriminals have refined their methods, starting with deceptive messages sent via Facebook Messenger. These messages aim to trick users into revealing their login credentials. The attackers exploit a vulnerability within a Facebook app, embedding a link to a phishing website disguised as a genuine “Show profile” button. When users click this button, they are redirected to a fake Facebook login page that mimics the authentic one, using the “m.facebook.com” URL within the app’s embedded web browser. This approach has proven particularly effective on Android devices.
Once the attackers obtain a user’s login details, they swiftly exploit Facebook’s security protocols to lock out the legitimate owner. They change the account’s password and recovery settings, making recovery challenging. The consequences can be even more severe if the hijacked account manages a business page. Cybercriminals appoint themselves as administrators and post prohibited content, leading to the suspension of personal accounts while they maintain control of the business page. Linked Instagram accounts are similarly at risk.
The impact can be particularly damaging for advertising and creative agencies. If a business page is hijacked, the agency’s reputation can be severely damaged by posting inappropriate or harmful content. Clients may lose trust in the agency’s ability to manage their social media accounts securely. Additionally, recovery efforts can take significant time and resources, disrupting normal business operations.
Ai-Powered Identity Theft: An Emerging Threat
In addition to direct account hijacking, another significant threat is the rise of advanced AI technologies that can create deepfake videos and voice recordings. For advertising and creative agencies, the implications are severe. Fraudsters use AI to generate videos that look and sound like you or your clients, using images and videos from social media posts. These deep fakes are then sent to your Facebook and WhatsApp contacts, asking for money or promoting fraudulent schemes like fake cryptocurrency investments. Victims are more likely to fall for these scams because the messages appear to come from someone they trust.
Technological advancements and the surge in data breaches have exacerbated this trend. Fraudsters are blending real personal details with fabricated information to create synthetic identities. Personal information such as ID numbers, bank account details, contact numbers, and retail account information are prime targets for these criminals.
For advertising and creative agencies, the impact of such AI-driven scams can be devastating. Fake messages and scams can damage relationships with clients and their customers. Deepfake videos can harm the agency’s and clients’ brand integrity, leading to a loss of credibility. Agencies might face financial losses if clients or their customers fall victim to these scams. Additionally, dealing with the fallout from Deepfake scams can divert significant resources to crisis management and recovery.
To protect against these threats, verifying and authenticating any request for information is crucial, as avoiding sharing identifiable information with strangers and taking extra caution when storing or disposing of personal documents. Staying informed and vigilant is essential in today’s digital world, especially for agencies handling sensitive client information.
WhatsApp Account Hijacking
South Africans are also increasingly targeted by hackers on WhatsApp. Regaining control of a hijacked WhatsApp account is straightforward, but the initial takeover can cause significant disruptions. A recent case reported by a MyBroadband reader illustrates this growing concern.
The victim received a message from a known contact on WhatsApp, asking for a 6-digit code from an SMS. The contact claimed they sent it by mistake. The victim shared the code despite suspicions because the message was in their language. Shortly after, the victim was locked out of their WhatsApp account. Their contact’s account had been hacked, and the hackers took over the victim’s account. The victim’s account was then used to spam groups with explicit images and label them as “Hack group virus attack.” Hackers removed members and attempted to gain further control.
Fortunately, the victim’s cell phone number wasn’t compromised via a SIM swap. They re-registered their device by requesting a new 6-digit code via SMS. However, the process was delayed by an error message due to too many code-guessing attempts—a security measure by WhatsApp against brute force attacks. After days of frustration, the victim contacted WhatsApp support through the app, shared the issue with a screenshot, and eventually received a 6-digit code via SMS to regain account access.
It’s important to note that hackers may activate and set a PIN on a compromised account, delaying recovery. WhatsApp allows new device registration without a PIN after seven days, provided the user still controls the phone number. Users can also add an email address as a backup verification method, which is recommended to avoid lengthy recovery times.
The impact of such hijackings can be significant for advertising and creative agencies. Hijacked accounts can disrupt communication channels with clients and team members, causing a breakdown in operations. Inappropriate content posted by hackers can tarnish the agency’s brand image. Sensitive client information stored in chats can be accessed and misused, posing a substantial risk to client data security. Additionally, significant time and effort may be required to recover the account and manage the fallout, diverting resources from regular business activities.
How to Defend Yourself
Protecting your agency and your clients from these threats requires proactive measures. Here are some recommended actions:
Activate Two-Factor Authentication (2FA):
Enable 2FA on all your social media accounts. This additional layer of security significantly reduces the risk of account hijacking.
Utilise Business Manager Access:
Remove users with direct access to business Facebook pages and grant access only through Business Manager.
Restrict Access:
Revoke Business Manager access for users who have not enabled 2FA until they activate this security feature.
Do Not Share Verification Codes:
Never share verification codes received via SMS or email, even with trusted contacts.
Immediate Notification:
If your account is taken over, send a mass SMS from your number to notify contacts and warn them of any suspicious messages from your compromised account.
Create a Complex PIN:
Set a complex but memorable PIN as an additional barrier during registration.
Email Verification:
Set up email verification as a backup method for logging in, especially if you forget your PIN.
Handle SIM Swaps Quickly:
If your number is compromised in a SIM swap, contact your mobile network immediately to block the number and obtain a new SIM card to re-register your device.
Create Complex Passwords:
Use complex passwords that are hard to guess.
Don’t Reuse Passwords:
Ensure each account has a unique password to prevent multiple accounts from being compromised simultaneously.
Beware of Phishing Attempts:
Be vigilant about phishing attempts and avoid clicking on suspicious links.
Use Reputable Password Managers:
Utilise password managers to securely store and manage your passwords.
Report Suspicious Activity:
If you experience identity fraud, ID or passport theft, or any identity compromised, report it to the South African Fraud Prevention Service (SAFPS). Call the SAFPS helpline on +27 11 867 2234 or email sfps@safps.org.za. Visit their website at https://www.safps.org.za/.
At Offernet, our Brandshield security team is committed to safeguarding our clients’ accounts and social media profiles. We urge everyone to implement these security measures promptly. Additionally, it is vital to report any suspected phishing attempts or account compromises immediately. Swift action is essential to protect your digital assets from these increasingly sophisticated threats.
If you believe your brand or your clients’ brands are being impersonated or would like to learn more about how Brandshield by Offernet can protect your business, I encourage you to contact us for a free consultation. Our team of experts is ready to assist you in securing your digital presence and ensuring that your social media accounts remain safe from cybercriminal activities.
Protecting your online identity has never been more critical. Don’t wait until it’s too late—take proactive steps today to safeguard your brand’s reputation and digital assets.
