The CEO of a global media firm received an email from a client who joked that they both had joined the trendsetters who were on Threads, the Meta social media platform that had more than 70 million sign-ups within 48 hours of its launch. The CEO learned next that her profile included a post offering to double any money in bitcoin that was received through a submission link. Imagine her reaction since she had not gotten around to opening a Threads profile and certainly would never make such a post. She immediately contacted the firm’s CISO, asking him to get the profile taken down from Threads.

​

Knowing time is of the essence in such a situation, the CISO reached out to a professional networking group and through one of its members connected to a senior threat analyst at Insite. Once briefed, the analyst knew taking down a fraudulent profile on Threads was going to present unique challenges. Threads offers the ability to report profiles that have false information but profiles on this new platform are generated through Instagram - meaning you need an underlying Instagram account to create a Threads account.

​

The deactivation of a Threads account does not affect the Instagram account used to create it so the impersonator can continue to use Instagram to recreate the same fraudulent profile on Threads. Taken a step further, even if the Instagram account is removed, it is still incredibly easy to create a new Instagram account and therefore a new Threads account to continue the scam.

​

The longer the CEO’s fake account and scam post remained up, the more potential for reputational harm. The analyst immediately got to work and leveraging preexisting relationships, liaised with both Threads and Instagram to get the fake profiles removed and the sources blacklisted. They then configured the algorithms of our intelligence platforms to search the surface and deep web to identify all potential sources for the fraudulent accounts. This ensured that the next time a scammer impersonated the CEO, Insite would be able to detect and remove the profile and issue a report to the CISO before the CEO even heard about it.

​

Takeaways: A fraudulent profile that is functioning for even 24 hours can cause damage to the reputation of the person who is impersonated and their organization. It can also lead to physical threats if someone is defrauded and falsely blames the impersonated person rather than the underlying scammer. Insite stays current on takedown procedures for all major social networks, even the new ones with overnight success that have not had time to prepare for the onslaught of attention by fraudsters.