It’s all about the STRATEGY

True “experts” like Robert Scoble and Chris Brogan have argued that the term “social media expert” is, for most people, a moot title– a point I agree with. In an industry that’s constantly changing, it’s impossible to be an expert in a field that has no predefined boundaries. (Perhaps the only exceptions are Scoble and Brogan, who have proven themselves champions in multiple battles, though the war has hardly been fought). 

With that being said, it comes as no surprise that an article published on cnet today discusses just that: the title, and role, of the social media “expert.” The article, which covers the high ticket price many social media-ites demand(ed) points out many of the flaws many companies are seeing in their current social media “strategy.”

Read more »

33 accounts hacked on Twitter

After a weekend filled with phishing direct messages Twitter users might want to seriously consider changing their passwords (if they haven’t done so already) after hearing about the latest escapade. 33 high profile Twitter accounts were hacked and random (albeit somewhat funny) tweets were sent out from the accounts.

Among the targeted were President elect Barack Obama, Rick Sanchez, Facebook, and Britney Spears. (For screenshots of some of the hacked messages/accounts, visit TechCrunch)

For most users, the security breach brought forth more suspicion about Twitter’s privacy and security policy, and sigh of relief as only the “media elite” seemed to be targeted. (However, Michael Arrington of TechCrunch was not targeted and feels “kind of left out”).

The recent hack, which seems to be the efforts of a prankster, illuminates Twitter’s need for increased security for its users. As Twitter’s population continues to grow, their safety and security efforts should be scalable.

On a brighter note, amidst all of the “panic” Twitter announced in their post today (aptly named “Monday Morning Madness”) that they  “plan to release a closed beta of the open authentication protocol, OAuth this month” which is good news for developers and users alike. Though Twitter is quick to note that OAuth wouldn’t have saved their hides in a phishing scam or hacking attempt, it “is something we can provide so that folks who use third party applications built on the Twitter API can access to their data while protecting their account credentials.”

Beware: Twitter and Facebook Phishing scam

The internet is all a twitter with talks about the latest phishing scam to hit popular sites like Facebook and Twitter. 

Twitter’s Get Satisfaction forum (their help pages) are quickly being filled with users pleading for help, saying they were recently phished. 

Twitter has quickly jumped on the alert bandwagon, posting a message above Twitter feeds on the actual site Twitter.com reading:

However, their main blog, as of 5:50pm  PT on January 3rd remained free of any additional information, but their status blog did have a brief update. In addition to this, users who don’t access Twitter through Twitter.com and instead use popular third party sites like tweetdeck or through their iphone might not see the message and instead, must rely on their friends to retweet the warning.

CNET reports that the phishing scam mimics the recent Facebook Koobface virus:

 Direct messages (DMs) are showing up in Twitter accounts with appealing come-ons to visit a site on blogspot.com. The text is, “hey! check out this funny blog about you…” The URL in the message then redirects to a page that looks like the Twitter login page, but is actually not on Twitter–it’s a site, twitter.access-logins.com, that masquerades as Twitter to steal your login credentials instead.

Recent reports also note that Facebook is also being spoofed in a similar login manner, so user’s best bet is to check their URL for authenticity before clicking on any links in DMs. If it isn’t a pure Twitter.com URL, don’t provide your login credentials.

As far as the “Tweet alert system” goes, I’d say this would make a great case for Twitter to strong-arm their users and pull a MySpace– compelling users to receive messages or Tweets from “Tom” — aka Evan Williams in Twitter’s case, anytime there’s a potential security threat. This would surely assuage many users who are “frantic” with the sheer thought of identity theft.

Twitter: please monetize your site

I’ll be up front about my age: I’m 24, and some of my most formidable childhood memories surround technology. I clearly remember crafting my first AOL screen name in 4th grade and finding ways to manipulate new technologies to my advantage before people really understood their repercussions (Napster, anyone?). I’m what they like to call a “digital native”– binary is mixed evenly with my DNA, and I thrive on new technology. 

Perhaps that’s why I’m so perplexed by Twitter and it’s counterintuitive ways. 

Sure, I’ve blogged about it before. Who hasn’t? It’s all the rage, and hey, who wouldn’t be– it’s quickly becoming more “mainstream”– it’s being mentioned more and more often by celebrities, major news sources, and even TV shows, so it’s no surprise that sooner or later a larger portion of the technically savvy population will jump on the Twitter bandwagon. As of 01/01/09, there’s an average of 1:4 stories on Google News about Twitter: Facebook. That’s a fair amount of “hype.”  And oh, hey, look at that– at the bottom of a Twitter news search on Google, Facebook comes up as a related search term. Ironic.

Hopefully all the “hype” will help the Twitter team develop a feasible business model that is sustainable and provides a non-invasive way of making money of their audience– BEFORE they truly become “mainstream.” Because let’s be honest– no one wants to stay a “start-up” for forever. Case in point? Tonight/yesterday/the past day’s “hash-tag” chat session on Twitter. 

It’s my understanding that it all started with a simple post by Warren Whitlock on his blog, where he encouraged users/readers to “Subscribe to this blog, follow me on Twitter and watch my twitter stream and the hash tag #Happy09for more on the Happy New Year Gift giveaway.” Seems simple enough. Hash tags (#happy09) are common trending tools on Twitter, and are a great way to see what’s going on within the Twitterverse. A quick visit to search.twitter.com shows you a sidebar with the current trends to the right. 

If you’re bored, or interested, you can follow one of the trending topics by clicking on the hyperlink and watching the conversation within the search window. Or, if you’re a more avid trender, you can use a tool like TweetGrid or TweetChat– both of which will track and refresh the conversations/trends you’re interested in. 

As to be expected, most conversations move at a relatively slow to moderate pace. However, this wasn’t the case with the #happy09 hash tag– instead, the conversation moved at a lightning fast pace, reminiscent of old AOL or Yahoo! chat rooms–  long before the bots invaded them, and before people truly understood the technology and talked aimlessly at random people. 

The ambiguous hash tag had an incredible viral propensity– users quickly followed one another,and shared their wishes for the new year. In turn, their followers inquired about the #happy09 tag, and started using it themselves, and the conversation grew to exponential proportions. 

I read the #happy09 messages for quite a while– participating some of the time, but most of the time, noticing trends. There were a lot of moms tweeting, a lot of moms who homeschool their kids, and quite a few people using Twitter to creatively network. I saw one woman using it to find potential employees, another woman using it to help another person find a job (she’s a recruiter, the other person was looking for a new position), a networking event, and several people promoting their own skills/trades/abilities to a broad audience. I even saw “rival” trending tag (they were #4 at one point in the day/night), #tcot using the #happy09 tag to promote their interests. (By the way, all of this made me ecstatic– I love seeing technology being used to connect people in meaningful ways). 

Oh, what a viable marketing opportunity this would have been for Twitter, TweetGrid or TweetChat. The number of impressions on the #happy09 tag is clearly quite high, and any advertiser would have probably had a pretty successful click-through conversion rate on any number of ads within any of the platforms. And to think, if Twitter were to take it a step further and would index/register each Twitter user’s tweets with Google for crawling, the amount of page returns/searches based on each tweet and potential ad could be phenomenal. 

There are plenty of instances where hastags don’t take off the way that #happy09 did, but it doesn’t mean that Twitter couldn’t find a way to monetize them. Companies like Coke, Pepsi, etc could pay to “own” these hash tags, and configure a “boomerang” type tweet that is enabled any time a user mentions these brands or uses the hashtag or the product name in conjunction with a few other key “buzzwords”– this would set off an automatic ad “retweet” or the “boomerang” effect, where the user would then see an ad within their interface pertaining to that specific product. With the right algorithm, that’s targeted, contextual marketing at its best.  

Until Twitter comes up with a clear monetization strategy, they’re going to continue to miss out on opportunities like tonight, and they run the risk of growing too large and running too “clean” (aka ad free) of a site before they make the change, and will end up just like Napster and AOL. A has been.

Social networking and the hunt for a new job

With 533,000 jobs lost in November alone– the largest monthly decline since the 70s, it comes as no surprise that more and more articles are popping up about how to network, find a better career, or prove your value. 

The Wall Street Journal has begun following “eight out-of-work M.B.A.s as they search for jobs in a post-meltdown world,” in an effort to empathize with the downward marketplace, and to provide a positive resource for some of the many Americans who are professionally displaced. 

None of this comes as a big surprise: as the economy changes, the media reacts, so many of the articles have been somewhat lackluster. Most recommend brushing up on new technology so that those who were laid off remain desirable and competitive; others suggest reducing your financial overhead and planning for a layoff, even if you haven’t already been laid off. And nearly every article I’ve come across in the past few months has also recommended networking with your peers. 

For those of us in the social media space, this seems incredibly natural, and almost pointless to mention. Personally, as soon as Yahoo! announced the layoffs, I started checking out the marketplace– seeing what types of jobs were available, and made sure my resume was up to date. Then, when December 10th came around, I was ready to go. 

But a quote in an article in MSNBC caught me by surprise today that seems to somewhat discredit the validity of finding a job on social networking sites. Eve Tahmincioglu, the article’s author, interviewed  Michael Stefano, assistant professor of communications at University of Buffalo for insight on social networking sites and the job hunt. 

Stefano recently conducted an experiment where he had 50 college students select 12 of their Facebook friends and ask them to help with a school project by taking a 10-minute survey. Of the 600 total asked, only one out of seven responded on average, he says. The majority did not even click on the URL to look at the survey.

Helping someone find a job will take a lot more time and energy than that, Stefano points out. While he admits there are anecdotal stories about people finding jobs via these sites, he’s “doubtful” they are statistically significant.

The article goes on to say, ”there are no hard numbers that show networking portals are any more effective than picking up a phone and asking friends if they know of any work. And these sites are not far-reaching, having long been focused on professional office dwellers, not blue-collar or service-sector workers.” Granted this may be true (I couldn’t find a relevant ComScore study or Nielsen study that would say otherwise, or even tested the idea in a scientific manner) but Stefano and Tahmincioglu are completely missing the point in these initial quotes: Facebook and LinkedIn are only as reliable of a resource as the people you “friend” or “connect with” on the sites.

Tips from MSNBC

Stefano argues that he had 50 students ask their Facebook friends to complete a survey and the results were dismal. Perhaps the surveyor should look at their friends, instead of the resource and compare that information. Stefano’s data is completely irrelevant unless he had a control in the study: his students should have asked the same set of 50 friends to fill out the same exact survey through a different medium– either in person, phone, IM, or email, to truly test whether or not it’s the resource or the contact that’s unreliable. 

In addition to this, to continue on saying “finding a job will take a lot more time an energy than that”– well, that doesn’t take a genius to figure out. The likelihood of someone seeing your plea for employment, knowing of a perfect opportunity, referring you, and you being hired is probably slim to none. But, the potential for one of your contacts to see your plea for employment and think of you and refer you to a friend is greatly increased by the exposure that you wouldn’t have gotten had you not posted your new unemployed status on Facebook or LinkedIn.

Tahmincioglu provides an example of this later in the article, and also suggests users create a “Web presence” by creating a social networking page and differentiating yourself by using your middle initial if there are duplicates of your name online. What Tahmincioglu fails to warn novices is that if you’re attempting to look like you “get” Web 2.0– be sure you actually do.

Make sure your online presence accurately reflects who you are in person as well. There’s nothing worse than interviewing a candidate that you Googled prior to the interview and sitting there knowing that she has a photo of herself and Ron Jeremy as her default image on Facebook (trust me, I’ve interviewed many candidates who satisfy this criteria) but sit in the interview and present themselves as incredibly professional and non de-script in person. Online and realistic parity is the best way to find success– both on and offline. 

Whatever you decide to do– whether it’s create a social networking page to make yourself more googleable, or, update your LinkedIn page to keep your professional skills up to date, be sure to reach out to the people you know first. You’d be surprised by how many referrals/connections you’ll end up with, and you’ll have the added bonus of getting past the “black box” of mindless online resume submissions by actually knowing someone at the company. Either way, good luck, and happy hunting!  

Facebook: you got served?

Lawyers in Australia have recently started using Facebook to serve legal papers, says Reuters. In the article, an Australian attorney says:

“We couldn’t find the defendants personally after many attempts so we thought we would try and find them on Facebook,” lawyer Mark McCormack said.

“We did a public search based on the email address we had and the defendants Facebook page appeared.”

He said that was enough to convince the court, which found Facebook was a sufficient way of communicating legal papers when it is the plaintiff’s responsibility to personally deliver documents.

This may seem like a giant win for the legal system, but seems like a potential loss for many citizens as the question of authenticity and validity comes to mind. The article fails to outline the steps that the Australian legal team took to verify that the Facebook account actually did belong to the correct plaintiff, but with so many duplicate names and spoofed pages on the internet, it makes you wonder if this is truly fair to the party at fault. 

Celebrities have long been victims of online spoofing– recently, the New York Times featured an article about Shaquille O’Neal claiming his namesake on Twitter because an impostor was using his name to send messages to Shaq fans– pretending he was the real deal. Kanye West is yet another celeb to fall prey to fans wishing to fool other fans.

But celebrities are the extreme– it becomes difficult for everyday users to discern who is actually a celeb online (making sites like Twitter and MySpace the perfect place for posers to make their mark), but when it comes down to legal matters, it’s very easy for the judicial system to distinguish who actually is a celebrity and who isn’t– both on and offline. 

This isn’t the case with everyday users. For most people, a quick visit to a site like How Many of Me  will prove the fact that you’re not the only one with your name. When you take that information, add in the ambiguity of the internet, and the ability to spoof simple information like email addresses, home addresses, and even photographs, online verification becomes nothing more than a false sense of security and identity.

Who is to say that the Melissa they serve papers to on a Facebook account is really the Melissa they intended on talking to? Currently there are over 435 different Melissa’s in the US that have my same first and last name, according to US Census data.

Personally, I have somewhere between 5-10 social networking profiles online– if each of the other Melissa’s follow suit, that’s anywhere between 2,175- 4,350 profiles to sift through, including all of the abandoned and neglected profiles that none of us visit. This sets up users for a nasty surprise upon login, especially if a user isn’t a regular visitor of that particular social networking site that the legal team targeted. 

In addition to this, posting a message on someone’s Facebook wall also seems to open up Pandora’s box for spammers and additional legal action. As it stands, there are already enough ways for people to retrieve a person’s identity– allowing for legal action on Facebook seems like yet another way for people to maliciously attack users. 

All in all, posting a message on someone’s wall on Facebook shouldn’t suffice as legal notice until it’s been verified that that in fact, is the correct person and Facebook and the Government come up with a stable way of doing so. Until then, it will be hard to take it seriously.

Koobface: Facebook’s Latest Battle

Earlier this week my Facebook inbox greeted me with a friendly mail notification, from a long lost “friend” whom I haven’t spoken to in ages. In the email, was a link, telling me I look awesome in this video.

At first I was flattered. I mean, who wouldn’t be? A long-lost friend managed to find me, tape me, and somehow managed to capture my “awesomeness” in a video? It seemed too good to be true. And, it also seemed like a hoax.

By now, we’re all familiar with the MySpace viruses– so much so that Tom and his crew over at FIM have had to warn you (Facebook has followed suit) whenever you are clicking a link that takes you off their site. It only seemed like a matter of time before Facebook got hit with their first real gem of a virus– and it’s name is Koobface.

PC World writer, Brennon Slattery describes the virus’ behavior:

Once the URL is clicked, “Koobface” prompts you to update your Flash player before the video can be displayed. Therein lies the virus, cloaked in a “flash_player.exe” file. According to the Kaspersky Lab, an antivirus organization working closely with Facebook, “the worms transform victim machines into zombie computers to form botnets.”

The McAfee Security Blog explains that when “Koobface” infects your computer, it prompts a downloaded service named Security Accounts Manager (SamSs) to load on start-up. SamSs then proxies all HTTP traffic, stealing results from popular search engines and hijacking them to lesser-known search sites.

For many users, “Koobface” will come as a wake-up call about internet safety. Many of us go about our daily internet lives convinced we know which sites are safe– and, I’d bet you’d be hard pressed to find a user who thinks MySpace is safer than Facebook– but all it takes is a few clicks for a your personal computer (and information) to become a thing of the past. Who knows, maybe will double as the perfect opportunity to remove all those pseudo-friends on your Facebook friends list, you know, just to reduce the risk of infection.