A business engaged in brandjacking assumes the identity of another brand to access its audience while also undermining its identity, integrity, authority, or messaging.
In simple terms, an entity engaged in brandjacking is pretending to be someone they are not to damage brand equity or reputation.
Brandjacking is a portmanteau of “brand” and “hijacking” and was coined by domain management solution provider MarkMonitor.
The most obvious example of brandjacking can be seen in phishing scams. Between 2013 and 2015, Facebook and Google lost more than $100 million after being sent fake invoices via email.
The invoices were sent by a Lithuanian hacker masquerading as an Asian manufacturer the companies regularly did business with.
Brandjacking is also prevalent on social media.
Here, malicious actors create accounts with branded profile pictures to give the impression they represent the company they are trying to discredit.
After Target announced it would remove gender descriptions from in-store signage, individuals posing as customer support representatives were rude and dismissive toward actual customer concerns.
Similar instances of impersonation on Facebook have also targeted prominent figures such as Barack Obama, Sarah Palin, and many other politicians and major corporations.
Lastly, brandjacking may take the form of advertising campaigns.
In 2010, Greenpeace campaigners created a video that parodied Nestle KitKats and highlighted the company’s use of unsustainable palm oil as an ingredient.
Greenpeace also protested outside the Nestle UK headquarters with altered slogans using the Nestle typeface and brand colors.
How can businesses and consumers protect against brandjacking?
With brandjacking attempts growing more sophisticated, it is unlikely any single action will prevent them from occurring in the future.
However, there are several preventative measures the exploited entity can take.
Using social listening tools
Businesses should invest in tools enabling them to track conversations about their brand.
This means they can go into damage control early should they be subject to brandjacking.
After failing to monitor social media mentions, Heinz fell victim to an anonymous Twitter user who pitched the company’s products based on personal political opinions.
Create a crisis management response
This helps the relevant department to respond and adapt to situations quickly.
Purchase brand-related domains
In addition to the primary domain, businesses should register variations similar to their brand name or important keywords.
They should also register common misspellings or alternative domain name extensions where possible.
This prevents others from registering them with malicious intent.
Become more discerning of incoming emails
Consumers should avoid becoming victims by carefully analyzing emails asking them to upgrade credit cards or other sensitive information.
Instead of clicking on dubious links within emails, the individual should contact the company directly to confirm whether a problem exists.
While trademarks are not a panacea against brandjacking, they do act as a deterrent and deliver important benefits to the business.
Chief among these are the right to sue a malicious actor in court and entitlement to specific, brand-related damages.
Twitter’s blue check roll out, and brandjacking
An interesting recent example of brandjacking happened in 2022, as Musk took over Twitter.
Twitter – experimentally – launched a paid feature enabling people to get verified if they paid $8/month for Twitter’s subscription service.
Things got pretty messy, as accounts verified for paying the subscription impersonated other corporate accounts, creating huge repercussions.
This cascaded into brandjacking, with a significant example of an account impersonating Eli Lilly, the pharmaceutical giant.
The fake account, which had, in the meantime, secured a blue check by simply paying the $8/mo subscription, pretended to be the official account of the company and it announced it would make insulin for free, thus enabling a stock crash.
Twitter had to halt the verification service to prevent other cases from happening.
- Brandjacking involves an individual acquiring or otherwise assuming the identity of a brand or business under false pretenses. The goal is almost always to discredit or damage brand equity or reputation.
- Brandjacking can take multiple forms. The most obvious example is phishing, where malicious actors falsely represent companies for financial gain. Brandjacking is also seen on social media and in advertising campaigns.
- Brandjacking can be mitigated but never avoided completely. Social media listening tools and a crisis management response are effective ways for businesses to limit negative exposure. Consumers must also be wary and vigilant of emails asking them to disclose personal information.
Visual Marketing Glossary