A hacker commandeered a tourism agency’s Facebook page and abused that unauthorized access to make a series of bizarre postings.Early in the morning on 4 December, the Facebook page for Explore Minnesota Tourism began publishing some unusual content. The stories consisted of fake news items with headlines such as “Detroit woman gives birth to her 14th child from 14 different fathers” and “Woman arrested for training squirrels to attack her ex-boyfriend.” A screenshot of the latter story’s publication on Explore Minnesota’s page is displayed below.
Frame grab from Explore Minnesota Tourism Facebook page. (Source: StarTribune)All of the bizarre postings originated from newsprovidr[dot]com, a provider of fiction news which claims to be “just another WordPress site.”The postings continued throughout the day until 16:30 local time, when Explore Missouri with the help of Facebook secured access to its page and removed the posts. Leading up to that time, the tourism agency used its other social media channels, which were all unaffected, to warn visitors not to click on any of the fake news items published to its Facebook page, which boasts about 226,000 fans.Anyone who did click on the news items should scan their computers for malware.As of this writing, Explore Missouri is looking into how the hack occurred. Alyssa Hayes, a spokesperson for the tourism organization, said as much in a statement released to Minnesota Public Radio:“We are not aware of who exactly the hacker is because Facebook is still investigating the situation. But we do know it is a random hacker.”Computer criminals can have various motivations for hacking an organization’s social media account. To protect against this type of security incident, companies should focus on implementing security controls. For instance, they should protect all their social channels with multi-factor authentication. They should also use a strong password for authentication and store it securely.For information on how security controls and Tripwire’s products together can protect access to social media accounts and other parts of the business, click here.