Callie Schweitzer (@cschweitz) February 24, 2013
On President’s Day, Burger King marketers woke up to a nightmare.
The company’s branded-Twitter account had been hacked. BK’s reputation was, well, a joke. And by the time the company regained control, most of the internet was laughing.
If they had been bankers, it would have been worse.
Potential regulatory issues; Bank customer losses as a result of social engineering attacks (tricking customers to hand over their passwords and usernames over Direct Message); Perhaps, even, an overall drop in what community bankers count on the most, loyalty.
Those on the front lines say it isn’t all about protecting U.S. government and corporate networks from a single sudden attack. They report fending off many intrusions at once from perhaps dozens of countries, plus well-funded electronic guerrillas and skilled criminals.
Security officers and their consultants say they are overwhelmed. The attacks are not only from China, which Washington has long accused of spying on U.S. companies, many emanate from Russia, Eastern Europe, the Middle East, and Western countries. Perpetrators range from elite military units to organized criminal rings to activist teenagers.
The fact that Twitter has acknowledged that it needs to beef up its security, alone, should scare executives. It’s a signal that perhaps financial services outfits shouldn’t have been so quick to jump into bed with the social networks — trusting their reputations with third-parties.
Yet, they undeniably have.
Bank of America. Chase. BBVA. [Insert your bank’s name here]. Most of all American Express, which is trusting its customer’s transactions with Twitter through its recently rolled-out Sync service (albeit securely with extra authentication built-in, an executive assured me this week).
Still, Chirpify chief executive Chris Teso makes a good point, when he says:
@seansposito Twitter is just a way to trigger a transaction. It's not more or less subject to fraud than any other method.—
Chris Teso (@ChrisTeso) February 24, 2013
In the upcoming week, I’m curious about:
What are the real risks with trusting your brand to Twitter?
What are the worst outcomes of a hijacked account?
And what are banker’s plans to hedge against such attacks, if they should happen?