As the “Age of Social Media” grows exponentially, so does the variety and complexity of threats facing corporations. With billions upon billions of daily posts across millions of sources spanning the open social universe detecting, identifying and mitigating the myriad of risks is nearly impossible for brands using conventional social monitoring tools. One of the newest and most damaging threats is that of “brandjacking,” essentially the hijacking of brand’s online presence, typically on a social network.

For years, companies have been faced with the dangers of having their web property hacked, which typically requires a sophisticated skill set to accomplish. Today, however, with the proliferation of social the impersonation of brand can be done by anyone with a computer and web connection.

There are two general types of brandjackings. The first, which tends to be more challenging to pull off, is a takeover of a social account, generally accomplished via hacking, phishing or other method. This can result in massive, immediate damage since the message is coming from the actual social account of the brand and is being broadcast out to its followers.

The second type is where the perpetrator simply sets up a new account, impersonating the brand. This second tactic is typically slower to develop given the need to generate followers, but the damage can spread quickly as the impersonating messages are rebroadcast across the open social universe.

Takeover Type

One visible example of a takeover brandjacking was with Burger King’s Twitter account earlier this year. The brandjackers rebranded the account to McDonald’s look and feel, broadcasting to the over 83,000 followers that Burger king was just acquired by their nemesis. They also posted a series of disparaging and potentially offensive posts through the account. As much as this seemed like a harmless practical joke on the surface to may, it created an all out crisis for Burger King damaging their brand and credibility in the market.

Aside from brand damage, brandjacking can bring down entire financial markets with a mere 140 characters. In the case of the Associated Press, on April 23, 2013 the Syrian Electronic Army took over the AP’s primary Twitter account. The group proceeded to broadcast that the White House had been attacked and President Barack Obama had been injured from two related explosions. In mere moments, the post was retweeted over 3,100 times across Twitter and other social venues, reaching millions of individuals across the social network and beyond.

As a result, it not only created confusion and concern, but also significant financial damages. Automated trading systems picked up on the news which triggered a series of trades causing the Dow Jones Industrial Average and S&P 500 to plummet minutes after the post. In the end, although the markets recovered in relative short order, it is estimated that $136 billion was lost and many impacted investors suffered tremendous losses because of the incident.

The Associated Press had to scramble to recover their social accounts and notify the public that the posts were fake, resulting in quick control of the issue, but also significant damage to their credibility and reputation, which many are still discussing months after the incident.

Impersonation Type

In the Burger King and Associated Press examples, the social accounts were essentially hacked and taken over. However, another type of brandjacking is growing at a significant rate and is does not require the ability to phish or hack a system. Rather, the perpetrator can simply register an account under a corporate name to impersonate the brand. While the damage can take longer to develop, it can still be significant and and much harder for the brand to detect and identify.

One example of this is where Exxon Mobil was impersonated on Twitter. A user supposedly named “Janet” claiming to be an Exxon Mobile employee registered the account @ExxonMobileCorp, branded it and essentially represented the corporation. The account quickly gained hundreds of followers and was posting on controversial topics like the Valdez oil spill. Exxon was oblivious to the account representing it until the Houston Chronicle asked them for comment.

For an extended period, even after Exxon was made aware of the impersonating account, “Janet” continued to post, essentially representing Exxon and further impacting their brand. The slow response from Exxon caused further confusion within the market and, in some cases, anger with the brand given the posts that were made representing the corporation.

Even currently, brands like Costco, Ikea and Bass Pro Shops, to name a few, are being brandjacked on social sites like Instagram, attempting to duping consumers into following the account and rebroadcasting their posts for “a $100 gift card.”

Accounts titled “Costco Official” and “Ikea Official” are gaining thousands of followers and representing the corporations. After learning of the impersonations from consumers, some brands have responded confirming the accounts are not managed by their corporation, however others have had no response.

Brandjacking Protection

While eliminating brandjacking completely, either via takeover or impersonation, is nearly impossible, given the sheer volume of social media, having NewSLIC Copyright Smallthe ability to immediately detect and respond to the threat can save brands major damage and embarrassment. This sort of detection requires sophisticated streaming big data processing and complex concept modeling to identify the brandjacking attempts within the billions of daily discussions across the open social universe. This is a major reason why an increasing number of leading brands are engaging “social intelligence services” for advanced social intelligence, threat detection and risk tracking. These command centers serve as the social eyes and ears for the brand identifying threats in real time and immediately escalating those threats to risk stewards of the enterprise, which can include Corporate Communications, Legal, Finance, Risk, Compliance or a variety or other areas.

While, immediate detection of these emerging threats is critical, so is the speed of the response by the corporation. In many of these cases, the brand is seemingly stunned and confused by this new type of threat and unsure how to strategically respond. This is why more and more brands are also looking to external expertise for guidance along these sort of matters. Responding to the brandjacking quickly but directly addressing the issue is vital to mitigating the threat, managing the ensuing damage and ultimately protecting the organization.

Question: Is your company equipped to identify and address brandjacking incidents? If so, how are you accomplishing this? If not, why?

Examples in are borrowed, with permission, from ‘Avoiding #FAIL: Mitigating Risk, Managing Threats and Protecting the Corporation in the Age of Social Media (2013, Ascendigm Press).