How to Protect Executives from Social Media Impersonation Mitch Warren October 21, 2024

How to Protect Executives from Social Media Impersonation

Recently, a number of brands have approached our threat response team about social media impersonation against executives at their companies.

Scammers impersonating an executive on social media is a form of digital identity theft. It aims to exploit an executive’s reputation to gather victims’ sensitive data, including credentials and financial information. Or to discredit an executive or brand. Handling these incidents gets especially tricky when a company executive does not have an established social media presence.

SOCIAL MEDIA SPOOFS

The Social Media-Averse Executive Dilemma

In one case, a CISO sought guidance on taking down accounts on Facebook and Instagram, impersonating an executive who did not have nor want accounts on either platform. This is common. We help several brands with executive impersonation where the executive has no intention of creating or nurturing a presence on social media platforms.

And, without an authentic pre-existing account to point social media abuse teams to, social media platforms are slower to act. 

Currently, our top-tier takedown team observes that X/Twitter and LinkedIn handle these cases more efficiently.

While it’s speculation, our team suspects that recent lags in abuse responsiveness from Facebook and Instagram might be due to Meta’s increased focus on its verified account programs. It is also possibly prioritizing the takedown of spoofs related to verified accounts.

In the past, prompting Facebook or Instagram to take action on a spoof involved having the impersonation victim (the executive) take a selfie in a mirror while holding a government-issued ID. However, Meta abuse teams are not taking action as swiftly as they once did. 

X and LinkedIn taking action more quickly typically result in shorter takedown times than Facebook and Instagram. However, these takedown timeframes ebb and flow over time as each platform continuously updates its account verification policies.

Proactive Measures Against Executive Impersonation on Social Media

Stay Vigilant & Up-to-Date to Combat Online Executive Impersonations

 

Another tip that might work for brands that advertise on social media is to imply the potential withdrawal of their advertising spend.

For example, when one prominent brand reported impersonations of an executive who lacked a social media presence, they didn’t see results initially. However, after contacting their advertising sales representative, action was quickly taken to remove the spoof accounts.

Indeed, this was a significant brand, probably with a substantial advertising budget. Brands with smaller spending might experience a different outcome, but it may be worth a try. When some platforms sense that advertising revenue is at stake, they become more responsive.

Establishing ownership of accounts associated with your brand, executives, etc. on social media is crucial for swift enforcement/takedown.

Some executives prefer not to maintain accounts on social media platforms. Creating accounts for such executives, even if they remain inactive, goes a long way in streamlining the response to impersonations of that executive. Most platforms ask for a link to an authentic profile as part of the impersonation reporting process. You may also decide to go as far as completing the social media platform’s verification process for that account.

In general, having a verified account for an executive will accelerate the takedown of social media impersonations.

Here listed are the verification processes for various social media platforms:
Meta (FaceBook and Instagram) Account Verification 
LinkedIn Verification
X/Twitter Verification

Related Articles