Be warned: bored pranksters can impersonate multi-million-dollar brands on Facebook with just a few keystrokes.
How often do you have someone checking and updating your company’s Facebook page? If it’s once a week, or even every few days, you’re probably doing it wrong.
Just Jeans learnt this the hard way a week or so ago, when it discovered a prankster wreaking havoc on its official Facebook page. Over a 12-hour period, a user pretending to be a company spokesperson replied to customers with offensive comments, telling one customer who gave positive feedback that she’d actually been blacklisted across several stores.
This is the latest in a string of high-profile incidents where company Facebook pages have been hijacked by pranksters. Flight Centre suffered the same fate recently on its official Facebook page, and sheepishly admitted that a fake Flight Centre profile had been impersonating a company spokesperson for several months.
That’s right, months. Flight Centre wasn’t just asleep at the wheel, it was in an outright coma.
In November, budget airline Jetstar discovered a fake Jetstar Australia profile that was answering customer posts with rude replies, calling one customer a ‘spoilt brat’ and convincing another customer that her flight had been cancelled.
Imagine if someone walked into a Just Jeans store, pretended to be a staff member, and began insulting customers? The offender would be kicked out of the store immediately, and the police would probably be called in for good measure.
The alarming thing is that it doesn’t require any hacking or specialist IT knowledge to pull this stunt off. Just for laughs, I created a Just Jeans profile and used the same profile picture as the Just Jeans page administrator.
All I needed was an email address. As far as the Just Jeans page’s fans were concerned, I was the administrator, as any posts and comments that I wrote would look identical to the ones made by the page administrator.
It shouldn’t be this easy to impersonate businesses and brands on Facebook, but it is. Bored pranksters can impersonate multi-million-dollar brands with just a few keystrokes, and it’s a loophole that Facebook really needs to address. It wouldn’t be difficult; Facebook could differentiate page moderator posts with different formatting or have an icon next to the moderator’s profile name.
The lesson here is to be vigilant. I’m expecting more and more of these incidents to occur as the loophole becomes more widely known, and until Facebook addresses this issue, the onus is on businesses to respond swiftly to any hijacking attempts.