Stopping Brand Impersonation on Social Media

Word Count: 1,673 Estimated Read Time: 6 ½ Min.

In this high tech, fast-paced, disposable and hyper-competitive world, fakes abound.  There are fake diamonds… not just cubic zirconia. Cubic zirconia is a synthetic gemstone made from zirconium dioxide, while lab-grown diamonds are actual diamonds created in a laboratory using processes that mimic natural diamond formation. Except that they differ significantly in their composition, durability, brilliance, and value.  So even lab grown diamonds are fake.  There is fake news ranging from exaggerations to outright lies told by platforms that claim to be legitimate news outlets but adhere to none of the ethical rules of reputable journalism.  There is a plethora of fake products ranging from purses to perfumes.  There are certainly lots of fake photos and videos now thanks to AI.  And then there are fake social media accounts for both celebrities and famous brands.

While imitation or impersonation may once have been considered the sincerest forms of flattery, when it comes to social media, it’s anything but. On platforms like LinkedIn, TikTok, Instagram, Facebook, Twitter, and YouTube, imitation and impersonation pose significant threats to brands, whether they are B2C retail giants or B2B service providers. The damage can be swift and severe, impacting reputation, customer trust, and even the bottom line. It’s a risk that every business owner, company leader and marketing professional must take seriously.

The core of the problem lies in the ability of bad actors to create convincing fake accounts that mimic a brand’s official presence. These impersonators use similar logos, names, and even content to deceive followers. The consequences of such deception are far-reaching and can manifest in several ways:

1. Reputation Damage: False information spread by impersonators can significantly harm a brand’s reputation and erode customer trust. This can lead to decreased sales, negative publicity, and difficulty attracting new customers.
   
   
2. Identity Theft: Impersonation can lead to identity theft, where scammers use information stolen from either the company or customers or both for various malicious activities, including opening fraudulent accounts or making unauthorized purchases.
   
   
3. Erosion of Trust: Brand impersonation erodes trust in the brand and the platform where it occurs. When users can’t easily differentiate between legitimate and fake accounts, they become more hesitant to interact with the brand or engage with content on the platform. They might see it as a sign that a brand that cannot protect itself will likely not be able to protect their own data from hackers.
   
   
4. Legal and Operational Issues: Dealing with brand impersonation incidents can lead to legal and communication challenges, requiring businesses to dedicate resources to combating the issue and managing its fallout. And even force the company to add staff, protocols, and systems to protect from future attempts.
   
   
5. Financial Harm: Impersonators can use fake accounts to steal money, scam users into purchasing fake products, or collect sensitive information like credit card details for fraudulent purposes.

The examples below illustrate just how real and widespread this threat is, and how even the most established brands can become targets.

Case in Point 1:  Tesla and the Cryptocurrency Scammers

Tesla, the electric vehicle and clean energy company led by Elon Musk, is a brand that operates on a global scale. While it is a retailer of vehicles and energy products, a significant portion of its brand power is built on its innovation, future-forward vision, and the personality of its CEO. For years, the brand’s social media presence has been a target for cryptocurrency scammers.

What was done? Scammers created hundreds of fake X (formerly Twitter) accounts that closely mimicked the official Tesla account and, more often, Elon Musk’s personal account. These accounts used the official Tesla logo or a slightly altered version, and their display names were often a single letter off from the real thing (e.g., “Elon Mvsk” or “TeslaMotors_”). The bio would often contain a link to a fake “giveaway” or “investment opportunity.” The scam worked like this: the fake account would reply to a legitimate tweet from Elon Musk, often a highly popular one, with a message claiming that Tesla was running a limited-time cryptocurrency giveaway. To participate, users were told to send a small amount of Bitcoin or Ethereum to a specific wallet address, and in return, they would receive a much larger amount back.

Who did it? The perpetrators were a decentralized network of scammers, often operating from different parts of the world, making them difficult to track. They would use bot networks to quickly create and spread these fake accounts. Their goal was purely financial gain, preying on the trust and excitement surrounding the Tesla and Elon Musk brands.

How were they caught? The sheer volume and repetitive nature of the scam tweets made them a major red flag for both users and Twitter’s platform security team. Users would report the fake accounts, and the official Tesla and Elon Musk accounts would often have to issue warnings to their followers. The fake giveaway wallet addresses were also easily traceable on the blockchain, revealing that millions of dollars were being siphoned from unsuspecting victims.

What did the brand do? Tesla and Elon Musk have had to repeatedly address the issue publicly, warning their followers not to fall for these scams. Elon Musk has even changed his Twitter name on occasion to include a warning like “I am not giving away crypto.”  Twitter, now X, has also implemented more aggressive measures to combat these types of scams, including requiring account verification and using AI to detect and remove accounts that exhibit this behavior. However, the cat-and-mouse game continues, and the brand has had to remain vigilant, constantly educating its audience about the threat.

Case in Point 2:  The LinkedIn Impersonation of a Prominent Consulting Firm

A well-known global management consulting firm has a strong B2B brand identity built on intellectual capital, thought leadership, and trust. They don’t sell products directly on social media, but they use platforms like LinkedIn to attract top talent and establish their reputation as a leader in their field. 

What was done? A scammer created a fake LinkedIn company page that looked almost identical to the Consulting company’s official page. The impersonator copied the firm’s logo, branding colors, and even some of the official job descriptions. They then started sending connection requests and messages to recent college graduates and young professionals, offering them “exclusive” job opportunities at the firm. To secure the job, the applicants were told they needed to pay a “processing fee” for their background check or for a “training kit.”

Who did it? The perpetrator was likely a single individual or a small group of scammers targeting job seekers who were desperate to work for a prestigious firm. Their motivation was purely financial, and they were exploiting the trust associated with that trusted brand to make a quick buck.

How were they caught? A recent graduate who was a genuine candidate for a position at that consulting firm received one of these fake job offers. The email address and the “processing fee” request seemed suspicious. They cross-referenced the email with the official consulting firm’s website and found a discrepancy. They then contacted the real HR department at the firm, who confirmed that the offer was a scam. Other users on LinkedIn also began reporting the fake company page and the fraudulent messages, leading LinkedIn to investigate and take down the page.

What did the brand do? The consulting firm immediately issued a public statement on their official social media channels, including a prominent post on their real LinkedIn page, warning job seekers about the scam. They also updated their career page with a notice explaining that they would never ask for money during the hiring process. Furthermore, they established a dedicated email address and hotline for people to report suspicious communication. The brand now also includes a clear “how to spot a scam” section on their careers page and in their official communication, a preventative measure to protect their brand and potential employees.

Incidentally, in case you think you know exactly which consulting firm was the one referenced in this case study, you’re likely wrong.  In recent times, several global management consulting firms have been impersonated on LinkedIn as part of recruitment and other scam attempts. Firms involved included:

• Deloitte: Scammers have impersonated Deloitte employees, claiming to offer job opportunities and even requesting sensitive information like Anydesk IDs or email passwords under the pretense of registering candidates on their job portal.
  
  
• E&Y (Ernst & Young) – Fraudsters have posed as EY employees and contacted job seekers, sometimes requesting payments or confidential personal information as part of fraudulent job offers.
  
  
• KPMG – Individuals claiming to be KPMG partners, employees, or representatives have used social engineering to approach prospective employees on job boards and social media platforms, including unauthorized use of KPMG logos and employee names.
  
  
• PwC (PricewaterhouseCoopers) – Scammers have issued fake job offers from legitimate organizations using the name of a PwC partner as the sender, and have even created fake companies like “PWC Oil & Gas LTD” for fraudulent purposes.
  
  
• McKinsey & Company – Scams and false offers of McKinsey employment have been observed using imposter websites, email addresses, and text messages. These scams sometimes involved interviewing via instant message, or requesting candidates to purchase products or services, which is not part of McKinsey’s legitimate recruiting process. 

Brand impersonation or imitation is not cute or funny.  It certainly has been no laughing matter to powerhouse firms like McKinsey or E&Y or PwC.  These are companies whose business model is predicated on trust, respect, and savvy.  Being ridiculed online by hackers for all the world to see can obviously be quite damaging.  Each company took the threat seriously and acted quickly to protect their brand.  But clearly, it is happening everywhere… to even the most iconic and established brands.

Next week, we will look at a couple of other companies that faced similar threats to brand on social media and the measures they implemented to deflect damage and detect future threats.  And we’ll provide a laundry list of strategies your company can implement as well.  Stay tuned.

Quote of the Week
“We don’t have a choice on whether we do social media.  The question is how well we do it.”
Erik Qualman, Professor of Digital Leadership, Northwestern University 

© 2025, Keren Peters-Atkinson. All rights reserved.