Social media impersonators; the new threat landscape

Share this:

Online impersonation is growing more prevalent every day. When it comes to infiltrating an organization, cybercriminals have more tricks up their sleeves than just phishing attacks these days. Social media sites, including LinkedIn, have become the new and favored trend in cyberattacks.

Most businesses use social media for a variety of reasons, such as brand awareness, spreading their message, recruiting new hires, promoting their products and services, communicating directly with customers, generating leads, etc.

Those benefits, however, can come with a price as social media presents a unique risk; that is having impersonators using the reputable name of a trusted organization to profit illegally and if that’s not bad enough, they go as far as targeting its customers with cyberattacks.

For the impersonator to weed their way into an organization, it takes only one employee to gain access. Trust comes from getting to know the victim. To arm themselves, cybercriminals can use powerful AI and software to scan social media accounts for pertinent information about their victim’s life. If you are active on social media, it’s a treasure trove for hackers to gain information based on your interests, involvement, work, etc. As examples, the posts you “like” on Facebook, your cool new car on Instagram or an alma mater on your LinkedIn page are all windows into your life as well as the information mined from the online quizzes and personality tests you take.

Having gained enough information about a potential victim, a cybercriminal is ready to create multiple fake profiles for themselves on social media that are plausible enough to fool their victims. They use identifying elements of a person, company, or organization, including bogus blogs and phony email accounts, on their social media for fraudulent purposes. LinkedIn and Twitter are commonly used platforms for this type of activity.


Once a target has been identified, the impersonator begins to add their friends, colleagues, associates, etc. as connections. Next, they start to “like” and comment on posts the victim’s connections share. This process creates the illusion of being a credible person. When a substantial amount of activity and connections have been made, the bad actor will send a connection request to the potential target. Between the activity logs and mutual connections, this creates a false sense of security for the victim.

In turn, the victim comes to trust the impersonator by way of mutual connections, identifying elements and interests leaving them self and business as potential targets for the criminal’s social engineering attack(s).

Managing an encounter with an imposter

  • Audit your contacts and connections
    Only connect with people you know or trust. If you consider potential suspects or individuals you no longer want to access on your social media accounts, or at the very least are not 100% sure about, block or remove them from your list.
  • Be proactive
    Post to your LinkedIn, Twitter, Facebook and Instagram accounts about the imposter and to block them from their social media accounts. It is best to reach out to friends and family as soon as possible because they could potentially become the first targets of an attack.


    • If someone you do not know is posing as an employee at your company, notify management as soon as possible so the administrator of the company’s social media page can take immediate action and report the fake account.
    • The business owner should also be proactive and send out a warning to all clients/customers, associates, vendors and contacts about the imposter and not to interact with them or respond.
  • Beware of urgent notices
    If you get urgent notices to “click here to reset your account,” carefully check the sender’s return email address and hover your mouse over the link to check the website address. Do NOT click on it. Instead, go directly to the URL in a new tab.
  • Take screenshots
    For future reference, it could come in handy to take screenshots of the imposter’s account and related activities in the event they block you. It might not hold up in court; however, it may be possible they could help in a criminal or civil case against a known individual deliberately targeting you.
  • Have no contact with the imposter
    It serves no purpose and will not change anything.
  • Report the imposter
    The process varies among social media platforms. If instructions are not easy to find, Google the process for the current instructions. It could be helpful if your social media connections were to report the imposter also to speed up having the imposter’s account removed sooner.
  • Check all your social media accounts
    Make sure you can sign into your other accounts to ensure you have not been compromised.
  • Follow-up
    Stay vigilant. The imposter may change identity again to continue to gain access to your company, family, friends or other contacts.


If you encounter an imposter, follow the managing tips above. If we can help you with this or your company’s unique demands, Connect with a Client Success Manager to schedule a time to discuss your needs and how we can meet them.



OrlanTech is a managed service provider (MSP) that was founded in 1995 and is now the market leader in delivering technology-as-a-service to small and medium size businesses (SMB) in the central Florida area.

Make IT Work

  • 1

    Talk with an OrlanTech expert

  • 2

    Discover reliable advice and fast support

  • 3

    Be safe, secure and productive