How long will Weiner’s bad online reputation haunt him?

Anthony Weiner is notorious for a gaffe made on Twitter, but will his online reputation recover?

I’m sure everyone remembers the infamous 2011 incident when Representative Weiner became something of a national punchline for lewd tweets that revealed his “private data,” so to speak.

Or do we remember?

At the time, Weiner’s indiscretions left him a laughingstock and a near-disgrace in one fell swoop. Now, as he ramps up a possible New York City mayoral campaign, he’s returned to the same social platform that almost cost him his political career. Is it possible that we will forget and forgive so soon?

A natural byproduct of our 140-character driven world is that everything is always old news. By the time the next tweet or Facebook post appears, we have forgotten the last one. Our online reputation, on the other hand, never disappears. And at some point, we will again value character in our public figures – making digital reputation a permanent, if often inaccurate, representation of that character.   

The lesson here is that you must cultivate your online reputation with the world view that it will forever be public, permanent and powerful. Because our posts and tweets, photos and videos are recorded for all of time, shared with all of humankind and used by ethical viewers and manipulative abusers alike, we must think before we hit the send button.

I bet this time in office, Weiner will pause before sending. Or maybe, just maybe, his reputation will get in the way of winning back the office his indiscretion squandered away.

John Sileo is an online reputation expert and professional speaker on building digital trust. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Online reputation site must defend itself after losing customer data

Online reputation services have a special responsibility to keep clients safe. How can you protect yourself when the very company you rely on is breached?

Would you trust a site with your personal information after it suffered a breach? What if that site’s sole purpose is to protect your reputation?

Reputation.com helps its members maintain a reputable online profile, but the site’s own profile was damaged by a recent data breach that led to the exposure of customer information. Although no Social Security numbers or financial information was lost, names, email addresses, and physical addresses were exposed. It’s been reported that some dates of birth, phone numbers, and occupational information were also lost. A “small minority” of customer accounts had hashed and salted passwords stolen. 
 
Hashing’ passwords is the process of using algorithms to change customers’ passwords to a unique data string. The ‘salt’ adds more characters to produce a unique data fingerprint. The company has notified all customers of the breach and reset passwords to protect them. But Reputation.com is not alone in being hacked recently. LivingSocial, a daily-deal website, was breached, affecting 50 million customers.
Maintaining our online reputation is important to us and the internet, social media and mobile technology are great tools that give us a competitive advantage. However, we cannot ever take our online privacy for granted. Three tips to keep you ahead of identity theft are:
  • Use a password protection program that makes it easy to use highly-encrypted passwords
  • Change passwords on sensitive accounts monthly
  • Maintain strict privacy and security settings in your browser preferences

John Sileo is an online reputation expert and in-demand speaker on data security, social media safety and identity theft. His clients have included the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Associated Press Twitter Account Hacked by Syrian Electronic Army

The Associated Press’ primary Twitter account was hacked today, allegedly by a group called the Syrian Electronic Army. This is the same group that took responsibility for the 60 Minutes and 48 Hours account takeovers. 

Syrian Electronic ArmySyrian Electronic Army AP Hack

Once again, the Syrian Electronic Army has managed to take over the Twitter feed of a highly respected news agency, the Associated Press. As you can see in the screen shots above, the hackers used the hacked AP Twitter account to falsely report that there had been two explosions in the White House and that President Obama was injured. Note: Both reports are false.

Hijacking high-profile Twitter accounts and using them for nefarious purposes is nothing new. But causing the stock markets, oil and gold prices to plunge in response is a new, critically significant development.

Are we living in an age where 140 characters are so powerful that they can send the Dow Jones down by more than 100 points? Yes, we are.

That is the undeniable power of digital reputation. The Associated Press has a strong, well-respected reputation online and off. The Syrian Electronic Army hijacked that reputation and used it to manipulate financial markets (however briefly).

Immediate Steps that Associated Press, Twitter Must Take

Twitter has been the focus of so many attacks, it makes you wonder when they will begin to take the basic steps necessary to prevent account takeovers like the AP, 60 Minutes and NPR:

  1. Twitter should immediately implement Two-Factor Authentication, which requires both a password and a texted passcode in order to get into an account. This makes it much harder to hack high-profile handles. 
  2. Both Twitter and the AP should champion a User Education Process that trains their users/readers on how to best detect phishing emails (which is how most of these accounts have been taken over). See the painfully simple video below that gives an example of how to educate people users about what a phishing attack looks like.
  3. Again, both entities should give their users guidance on how to create long, strong, site-specific and frequently varied passwords to lower the relative hackability of their accounts.

 

In previous weeks, NPR and CBS both had their online presence temporarily hijacked by the SEA. The group did get its own Twitter account suspended in the process, though new ones have been springing up in response.

Unlike some similar attacks by other groups, the SEA is very public about its involvement, often leaving messages like “Syrian Electronic Army was here.” The official “60 Minutes” and “48 Hours” accounts were among those compromised and made to display pro-Syria tweets bashing the U.S. Although control of the CBS feeds was eventually wrestled back, they have been officially suspended in response.

This hack is a wake up call: the more people you reach, the greater your circle of influence, the more appetizing it is for politically motivated groups to take control of your social media accounts and use them to move markets. 

John Sileo is CEO of The Sileo Group and speaks around the world on social media privacy, identity theft prevention and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Your online reputation has a life of its own…even after you die

Here’s a spooky thought: there’s a good chance your online reputation could outlive you on the web – and still be vulnerable to attacks.

Have you ever wondered what will happen to your digital information after you’re gone? It’s a morbid topic, but no less important than dividing up your estate or making plans for your life insurance. Even once you’re no longer posting or “liking” on networks like Facebook, it’s possible that your name will stay active, unless you take plans to deactivate it. And if you don’t, you leave it to the whims of whichever company controls your data – or hackers that manage to steal it.

Some systems already exist to help cope with this situation. Facebook lets you turn the page of a recently departed loved one into a memorial site. Google has recently announced a service currently called “Inactive Account Manager” to allow you to set up “retirement” plans for your profiles after they go a certain amount of time without being used. This is worth considering even if you have no plans of shuffling off this mortal coil any time soon, as it’s a way of keeping forgotten email addresses and other services from cluttering up your computer and impacting your online reputation.

It sounds like something out of William Gibson, the concept of “uploading yourself” to live forever on the internet. But it’s happening all around us; there are even ominous reports of the accounts of deceased Facebook users suddenly being attached to things they may or may not have ever actually “liked.” It’s just another example that proves if you don’t take the reins to control your online reputation, the people who own it will.  Take advantage of the tools being offered to you to make sure your information isn’t doing anything without your knowledge, and won’t do so after you’re gone.  

John Sileo is an online reputation expert and keynote speaker on identity theft, cyber security and fraud. His clients have included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Social media privacy? Facebook snoops even when you're not logged in

Despite its claim to being aware of social media privacy, Facebook continues to mine user activity for ad data. Now, it’s expanding beyond the boundaries of its site – and even your browser.

Though it claims to respect user privacy and keep its targets protected, Facebook is offering advertisers on its site a new way to narrow its audience through demographics based on specific purchases called “Partner Categories.” Beware of the rather innocuous official announcement which says that a local business could use it to find customers who may be willing to give them their business, according to recent purchases. The feature would accomplish this using third party data collection companies like Acxiom to build predictions based on what you have bought.

Previously, advertisers showed ads to us based on the interests we expressed on Facebook. Now, they have the added ammunition of knowing every product and brand we’ve purchased through our desktop or mobile.

Even if all of our secrets aren’t being revealed to these outside sources, this is still a breach of privacy. And what kind of slippery slope could this be sending us down?

It’s yet another area where anyone with a credit card can be observed without their knowledge. True, it’s hard to imagine a world without omnipresent advertising, and Facebook says this sort of technique has existed for a while. However, bringing it into the realm of online personal networking raises social media privacy concerns.

Advertisers now have even more specific ways to know what we’ve been buying and how that will affect our decisions in the future. It’s a chilling thought to those who would rather keep our shopping history private.

Social media risk management can get overlooked in the face of new developments. But as companies like this find more ways into our lives, it’s important to remember how much of our activity is being watched – and what we can do to protect ourselves. 

John Sileo is a social media privacy expert and keynote speaker on data security, fraud and reputation protection. His clients included the Department of Defense, Pfizer, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.