Walmart Careers Facebook Page Compromised
Earlier this evening, Walmart’s Careers page on Facebook was compromised.
Two suspicious posts appeared on the Walmart Careers page.
Walmart will no longer be accepting applications from anyone of African-American decent, read more here: http://walmartstores.com/careers
In regards to our last update, our studies in the past have shown that “African-Americans” tend to steal more often and have a significantly worse work ethic than those of Mexican, and Caucasian ethnicity’s.
In addition to these posts, Walmart’s main profile image for their careers page was defaced with an “X” mark over the face of an African-American employee featured in the photograph.
Walmart employees and loyal devotees to the brand became suspicious and reported the activity.
Within a short amount of time, the images disappeared, but the offending posts remained. Not long after the images were taken down, the Walmart careers page was taken down entirely. It is uncertain whether Walmart employees were involved in the takedown or if those behind the compromise removed the page themselves.
Facebook Pages and Admins
Over the last few years, big brands and small businesses have adopted social media into their marketing strategy. One of the key features that Facebook pages offer these brands is ability to have multiple administrators for a page. These administrators are granted access through their personal Facebook accounts. Therefore, it is likely that whomever obtained access to the Walmart Careers page did so by compromising an administrator’s Facebook account.
Whether to Phish or to FireSheep?
Uncertain as it may be to determine the exact method used to compromise an admin account, there are a few likely suspects (note: this is my own speculation):
Phishing - This method requires a little more work but, if a Walmart employee that was an administrator for this page was phished on their personal account, the scammers would gain access to the Facebook page with relative ease.
FireSheep - This is a free Firefox extension that gives users the ability to hijack unencrypted sessions on public WiFi networks. It is possible that an administrator of this page was browsing Facebook without HTTPS enabled on a public WiFi network, such as a Starbucks. A scammer may have been sitting on the network and discovered this account was tied to the Walmart careers page.
Don’t forget to Enable HTTPS
This incident should serve as a reminder to many marketing employees as well as Facebook users in general. If you haven’t done so already, enable HTTPS for all of your social networking accounts.
And please advise your fellow employees and/or administrators for brand pages to do the same.
Brewing Companies’ French Web Sites Hacked
Kha&miX like to keep it sober
It seems that last Wednesday was not a very cheerful one for the French versions of the Web sites belonging to several brewing companies, such as Buckler, Panach, Pelforth, Heineken and Amstel. (A couple of ) hackers operating under the aliases Kha and miX systematically defaced the respective companies’ local pages hosted on… read the full story here.