The final stop in our odyssey across the stormy sea that is reputation management tells the story of the Trojan. At the time of the following incident, we were sending out quite a few emails to our customers on a regular basis. Although the offers never came in ZIP files, the average customer would, at the time, probably not have been that suspicious if we had actually done so.
On Twitter, we were pinged at our specific account asking whether we had sent out an email containing a ZIP file. As this was only one user, we thought at the time that he was indeed targeted for spam, but that because he had grown suspicious, the email would obviously look fake and people wouldn't open it. A few moments later, we received the screenshots. The situation turned sour when we noticed that the email was in fact a clone of our own - except for the ZIP. To complicate matters, there was no real way to obtain structured social data for when it started, its geographical context or how it was spreading. This was at a time when Twitter Firehose only gave away minute amounts of data to monitoring tools, and their own analytics were not yet developed for company use. As aforementioned in our previous post, the tools available were aimed at social publishing and analysing vanity metrics, rather than real brand analytics.
What did we do?
The social conversation was going on in several different countries, and each country's office was using their own tools for monitoring - hence, syncing and backtracking exactly where the problem originated was complex. We had to know this - to determine where to concentrate the most communication efforts and prepare customer service efficiently. Why? Since we did not yet know if it had spread consistently in local areas, or just randomly on a global scale. When these kinds of things happen, the most time consuming factor is often getting a clear picture of how things are spreading, and being able to differentiate this from your daily monitoring. Per definition, sorting will become the key to success. The rest is mostly done ad-hoc with events playing out in real time, so scheduling and analysing posts becomes very low priority. After almost two days it became clear where the problem had begun, following our filtering of the social conversations regarding this problem. It was isolated to the US and Europe. The next step was to send out emails in these regions with a unified message, so as to minimise any confusion that the email had already triggered.
To be proactive in your online reputation management, make sure that you don't stare yourself silly at your brand monitors - these will often show deviations when the storm is in full effect. Had we been able to gather the social media intelligence in a fast and shareable way, we could have assigned support tasks between offices and coordinated the communication efforts much better, as a united brand.
Obviously, a vital lesson is that you should have better internal security so people can't actually steal your entire email template straight up. This was a scenario bound to happen, yet no one had made any plan of how to handle misinformation online or the possibility of a "hack". Hopefully this is a thing of the past for most companies in 2016.