Freshome Loses 1M followers on Facebook after Brandjack, then Gets them Back
by Candace Kaiser with Karen Masullo
When we say the word “crime,” what comes to mind? Theft, physical violence?
What about cybercrime? According to the Department of Homeland Security, cyber intrusions and attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations and imposing high costs on the economy. Criminals who commit cybercrime use various methods including:
- Theft of personal data
- Copyright infringement
- Fraud
- Child pornography
- Cyberstalking
- Bullying
- Extortion
Real-Life Scenario
Freshome, a very successful design and architecture webzine recently experienced a heart-stopping brandjack on Facebook this past week, and they were not alone.
We reached out to Freshome founder and CEO, Micle-Mihai Cristian, and he was exceptionally responsive. Cristian created Freshome at the age of 20. Seven years later, the company has an enormous social following and a solid brand name.
As per a Forbes article in April: What started out as a pastime is now a thriving web business that gets around 4 million unique visitors per month, has garnered more than a million likes on Facebook, 100,000+ Twitter followers, and 70,000+ Google Plus followers; the majority of who people who are looking for innovative ideas on how to style or redesign their homes.
As detailed on HackingNews: Huffington Post, Forbes, CNET and Yahoo News are some international publications that use the site’s interior design as inspiration for articles with topics of design and architecture. Listed among the top places in the list of Technorati…displays articles on buildings around the world and even received bids that have reached 3 million.
Notably, this success is what made them a target; their numbers are impressive, especially for a company founded in 2007 – they have grown their following organically through a high level of quality content, social engagement and transparency.
In the spirit of transparency, Freshome took to their blog to immediately inform their community of the incident – one of which all Facebook page admins should be aware:
We wanted to make a quick announcement for those of you who follow Freshome on Facebook. A few hours ago we received a notification in Freshome admin tab that looked really strange …the message said:
“Page verified has requested to take ownership of your Page. If you approve the request, Page verified will take ownership of this Page which will allow the admins of the Page verified business to manage Page roles. Accepting this request is permanent.”
Below are two screen shoots of how this notification looks like.
When we first saw this notification we thought that Facebook finally decided to verify Freshome Facebook page ( more about Facebook process of verifying pages here – P.S – Facebook is very vague on how this process actually works) ..but it seems that this notification was actually a SCAM. A scam that right now left Freshome.com without a Facebook Page.
How this scam / hack actually works : Somebody ( with bad intentions ) created a fake profile with a fake username ( Verified Page ) and a very misleading profile picture ( that actually looks like the notification came from Facebook ) and asked us to take ownership of our page. Since Facebook is not clear on how this process works we didn’t know what to expect and we clicked Approve and now 1,000,000+ people who liked our page can’t access our Facebook page. It seems that the guy who took over our page unpublished the page from Facebook and right now if you try to access it you will be redirected to Facebook main page.
We’ve already reported this problem to Facebook and also noticed on Facebook Help Center that more and more people have experienced this problem today ( 1, 2, 3 ) …and more and more people start to complain about this scam in the comments section.
It seems that this scam / hack is really new and we hope that somebody from Facebook will see this message and help us have our Facebook page back and also make sure that this problem won’t happen to other page owners.
Later edit – There appeared more pages who try to steal pages and their names are : Page Verified, Page Verifier, Page Vérifiée, Verified Page
Please share this post to let others know about the “Verified Page asked to take ownership of your page” scam / hack that is happening right now on Facebook and let’s hope that Facebook will activate Freshome page as soon as possible.
Less than a day after the hack occurred, something unexpected happened: the hacker gave back the account.
The comments from Freshome followers were mixed. Some were justifiably angry with the hacker, others were thankful the site was back in the right hands, while some actually praised the hacker.
Firestorm Analysis of Response
Freshome maintained steady communication with their audience throughout the brandjack. While waiting to see what the hacker would do, they immediately posted to their blog and kept that post updated. They also reported the incident to Facebook.
Keeping communication lines open with your community is essential in situations such as this.
In our email correspondence, Cristian explained how thankful he was to have regained the account. “I’m very happy that he [the hacker] decided to do this [return the page] and I feel very lucky because there are still lots of people who had this problem and they still don’t have access to their pages.”
Remember your goals when communicating in a crisis:
- Building, maintaining or restoring trust
- Improving knowledge and understanding
- Guiding and encouraging appropriate attitudes, decisions, actions and behaviors
- Encouraging collaboration and cooperation
When in Doubt, DON’T
Cristian and his team did have a moment of doubt regarding the message they received, but because Facebook’s approach to verifying accounts is less than clear, they plunged ahead.
Said Cristian on the Freshome blog:
“When we first saw this notification we thought that Facebook finally decided to verify [the] Freshome Facebook page (more about Facebook process of verifying pages here – P.S – Facebook is very vague on how this process actually works) ..but it seems that this notification was actually a SCAM. A scam that right now left Freshome.com without a Facebook Page.
Ongoing Saga
Unfortunately, Freshome was not the first (and it won’t be the last) company victimized by brandjacks. In early 2013, Burger King’s Twitter account was compromised. The Twitter picture changed from their logo to that of McDonald’s. Similarly, Jeep‘s social media accounts were hacked by the Syrian Electronic Army (SEA) just days after. Their pictures changed from a Jeep (owned by Chrysler) to a Cadillac (owned by GM). Other companies include Skype and Snapchat. The list is vast and we’ve written on the subject numerous times.
Firestorm has assisted in the recovery of brandjacked pages in the past. To start the process, visit https://www.facebook.com/help/contact/164405897002583 or https://www.facebook.com/help/131719720300233/ and report the issue, using screenshots and other important data to prove you are who you are – if your business page has been compromised, include your business email address.
- Monitor your brand – we use ubervu, a Hootsuite brand as our partner of choice.
- It is important for any Facebook brand page administrator to educate themselves on security precautions to take, and steps to initiate afterward, should an issue occur.
- Please always, as a matter of course, change your passwords regularly and use complex constructs.
- If you have connected accounts, disconnect the accounts after a hack or after recovery, change passwords and reconnect.
What helped Freshome in this? Freshome does have robust social content, and a strong channel and advocate strategy in place. Did the brandjacker give the account back because of this? Hmmm, who knows, but we’re not willing to hang a Good Guy medal on the person who set out to wreak havoc in the first place.
Want to learn more on Social Approaches and what your audience really wants to hear in a crisis? Join Firestorm as we host a webinar with Hootsuite and two of our favorite Expert Council Members, Dr. Karen Freberg and Major Kristin Saling as we discuss “Speaking and Listening in a Crisis – Real Metrics, Real Messaging, Real Meaning“
“What should we do now?” “What should we say?”