Definition of impersonation
Online impersonation is when a malicious actor steals someone’s online identity in order to cause damage – financial or reputational, or by intimidating, harassing, or threatening their victim. They can come in the guise of a disgruntled partner, former colleague, an enemy you’ve made along the way or by someone you don’t even know who wishes to steal your identity.
Online impersonation comes in different forms
When looking at online impersonation, it can be broken down into two main areas – for individuals or businesses. Let’s take a closer look:
For individuals
When a malicious actor impersonates an individual, the following can occur:
- Financial loss. The hacker will look into an individual online to gain information about them so that they can use it to steal funds.
- Reputational loss. The hacker can cause so much trouble for an individual online that it could lead to a severely damaged reputation.
- Hacking into a company network using the individual’s identity will allow the malicious actor to steal data or cause even more cyber damage.
When malicious actors impersonate the individual’s conversational partner, the following can occur:
- Catfishing.
- Spearfishing and BEC (business email compromise) attacks.
- CEO fraud, where hackers impersonate the individual’s boss.
- When a hacker impersonates a family member.
For businesses
Impersonation of a business or an individual from an organisation is almost always related to that of a criminal nature since the hacker is seeking financial reward or is intent on harming the business. Online impersonation in this regard can take many forms. Let’s take a closer look:
- Malicious actors can claim that they are from a company you already work with and send invoices for “work” carried out. Keep an eye out for those.
- Business Email Compromise (BEC) is the most popular way for malicious actors to cause “damage” to businesses. Ensure that employees are educated on the warning signs so that they can look out for possible threats.
- Keeping tabs on workplace interactions using online monitoring services is a sure-fire way to reduce risk. Monitor company identity online and check social media profiles for any copying of your brand. Keep a track of everybody who uses and has access to your company’s social media accounts.
Online impersonation vs. identity theft
Identity theft and online impersonation are two very similar crimes, but one holds more serious legal implications. Online impersonation can be defined as an action used to threaten, harass, or scare an individual. Whereas, identity theft involves the use of stolen sensitive information, such as addresses, financial data, or social security numbers to commit fraud.
What to do if you have been impersonated online
An online impersonator can jeopardise your relationships with friends, threaten your reputation or even affect your professional life. Your first reaction will always be to panic, but then you must focus as quickly as possible and try to minimise the damage. Here’s what you can do:
- Ensure that you know all the friends you keep on social media. Hackers often send friend requests to users to gain information about their lives which they later use for malicious purposes.
- Inform all your contacts immediately. If you have fallen victim to online impersonation, then it’s important to ensure that you notify everyone ASAP so that they are aware it’s not you!
- Take screenshots for evidence. If you’ve been harassed or intimidated or have proof of your account being hacked, then keep the evidence.
- Never reach out or communicate with a hacker. It will only make the situation worse and may even prompt them to increase their attack.
- Contact the relevant social media platform to remove any fake accounts or impersonators.
- Contact the authorities if it’s a serious crime.
- Remain vigilant and search online. If one fake account has been shut down, it doesn’t mean that’s the end of it. Stay alert, check social media platforms for your name and search online to make sure there’s nothing else out there.
How RiskXchange can help with online impersonation
RiskXchange can help minimise the risk of online impersonation. Our platform has been developed by a team of cybersecurity experts dedicated to helping businesses across different industries solve complex cybersecurity and compliance challenges using our cybersecurity rating solution that provides an all-encompassing, 360-degree view of your cybersecurity posture.
RiskXchange allows you to detect cyber risks, monitor your current cybersecurity posture and compliance status, build a more secure network, and create an easy-to-understand reporting framework around your cybersecurity program. By continuously monitoring a network, cybersecurity issues like online impersonation will become a thing of the past.
Get in touch with RiskXchange to find out more about online impersonation and what to do if you have been impersonated.