Billions of Google searches occur every day. Sources estimate that the average person conducts between three to four daily Google searches. While these statistics do not include searches occurring on Bing (2.96%) or Yahoo (1.51%), Google maintains about 92% of the search engine market share. While Google is protective of specific search statistics, the company does provide a yearly list of the top trending Google searches. A quick review of the tending search list for 2021 shows both companies and individuals in the top searches. It is safe to say that you and your company are being Googled frequently.
Google provides us with an immense amount of information at the click of a button. While Google undoubtedly makes our lives easier, this instantaneous access to information has created an opportunity for cyber-attackers to interfere with search results.
While you can’t completely avoid an attack to your online reputation, you can take preemptive measures to minimize the impact and duration of reputational cyber-attacks. Businesses and individuals should consider the following seven simple steps to protect their online reputations.
The value of conducting regular Google searches of your name and business cannot be understated. While most people occasionally Google themselves, many only do so when applying for career opportunities or engaging in an important business interaction. Unfortunately, if something negative pops up during a job search or potential business opportunity, it is often too late to do effective damage control.
Damaging internet content should be removed or corrected as soon as possible. Negative internet content, especially content of a salacious nature, has a tendency to spread rapidly. A simple comment can be liked, shared, and republished, transforming a simple internet cleanup issue into an expensive, overwhelming, and catastrophic problem.
People should have a firm grasp on the results of a Google search of their name and/ or businesses. Because search results are constantly changing due to algorithmic updates, searches should be done regularly and frequently.
A reputational threat can take many forms. It can be a news article, photograph, negative business review, social media post, or even a threat from an anonymous online actor.
When conducting a search result analysis for an individual, the searcher should consider undertaking the following types of Google searches:
When conducting a search result analysis of a company, the searcher should consider the following types of searches:
In addition to reviewing the first few pages of search results, the searcher should also monitor image and video results. Any concerning content should be quickly documented by URL and screenshots so that it can be addressed.
Conducting regular and effective Google searches can be extremely time consuming, but it doesn’t have to be. There are countless automated monitoring services that can assist in conducting monthly, weekly, daily, and even instantaneous searches of your name or brand. People interested in protecting themselves or a business from online reputational attacks can consider paid and free monitoring services.
Here are some simple suggestions:
Buying your domain name is one of the most powerful defenses you can enact to protect your online reputation. When a person wants to attack your online reputation, one of the easiest and quickest ways to do so can happen through the purchase of your first and last name as a domain name.
For more context, consider the following domain name attacks we have seen at KJK:
A disgruntled employee quit a non-profit organization. The ex-employee endeavored to take down both non-profit and the leadership of the non-profit. The ex-employee purchased a domain name for the non-profit. (This often looks like purchasing a .com extension instead of a .org extension). The ex-employee continued to publish negative and false commentary about both the leadership and company. The ex-employee amplified the smear campaign by adding new pages to the website, daily, including anonymous testimonials allegedly penned by current and past employees. To further increase the social reach of the site, the ex-employee claimed the non-profit’s name on social media profiles and paid for a Google Ad campaign to increase the search engine optimization (SEO) of the website so that it displayed prominently on the first page of Google in a position that was above the company’s actual webpage. The website received so much attention that the complaints were picked up by news platform, resulting in news articles.
While a company and the leadership members experiencing a similar situation as the aforementioned scenario would likely have legal claims, ranging from employment claims to defamation and privacy torts, this situation creates an expensive and complicated issue for a company. Once something becomes public, it may be difficult, if not impossible, to remove. In the above case study, the business had no choice but to target the website and the news articles to try to remove them. Unfortunately, a situation like this can embolden other employees to take similar actions. Furthermore, the ability to publish online content anonymously adds an additional layer of complication. The risks of this distressing and public situation occurring can be minimized if a company buys multiple variations of its domain name, and further claims related social media profiles.
The COO of a large company separates from a company to pursue other opportunities. During the separation, the COO receives a series of threatening emails from an anonymous email address. The threatening emails direct the COO to a website. The COO checks out the website and discovers that the domain is comprised of his first and last name. His face is published on the front page of the website with the caption “coming soon”. The website appears at the top of a search of his name. While the COO is searching for employment, he spends the next two years in litigation to discover the identity of the anonymous online attacker in an uncertain and expensive process.
While the COO was able to discover the identity of his attacker, this process took two years. Furthermore, the data points were extremely difficult to trace, with no guarantees that the end result would yield identification of the attacker. Situations like the above can be mitigated by the purchase of your first and last name as a domain.
A man searching for employment conducted a Google search of his name and discovered that someone purchased a domain containing his first name and last name. The website contained false accusations of sexual assault, his photos, his social media profiles, and the name of his current company.
Because the man did not discover the website until many years later when he was applying for jobs, and the website was no longer active, his removal options were limited. A person in a situation like this would have no choice but to file a lawsuit or try to get in touch with the website operator.
While all three of the above client scenarios are different, there is one disturbing similarity. The cyber-attacker utilized the same tactic to attack the subject’s reputation through the purchase of the individual or company’s domain name. This strategy guarantees that the attacker will have high placement of his or her message on Google, thereby taking control of the subject’s reputation.
Fortunately, becoming the target of a domain name attack can be minimized by preemptively purchasing domain names containing your first and last name and/ or your company’s name. Domain names are often extremely cheap to purchase. For example, GoDaddy charges $2.99 a year for your first domain. A person purchasing a domain should also consider paying for upgraded privacy protection services so that private contact information is not public.
Individuals, members of corporate leadership, and businesses should think about purchasing the following domains:
Purchasers should also consider purchasing multiple extensions of the above, including .com, .co, .biz, and more.
As illustrated in the first case study in section three, an easy way for cyber-attackers to damage your online reputation is by claiming your name as a handle on a social media site. An attacker can then publish damaging information to that handle, create an account impersonating you, or even extort you for money. Claiming your legal name and business name on social media profiles is a quick and easy way to protect yourself from a reputational cyber-attack on social media.
Keep in mind that many social networking sites have policies against social media handle squatting. While social media handle squatting is prohibited, the reality is that there is an entire black market for the purchase and sale of account handles. If you are going to claim your social media handles, you should make efforts to publish some information to it so that the account is not taken for lack of use.
Online reviews and business directory sites have become an essential promotional tool for companies. The value of positive online reviews cannot be understated. Unfortunately, negative reviews must also be addressed. While negative reviews have become an unavoidable cost of doing business, some negative reviews are published as the result of a reputational cyber-attack. The negative effects of a fake review can often be mitigated by a timely and calculated response. Fake reviews that do not represent an actual customer experience can be removed.
In a situation involving fake online reviews, quick action is necessary to minimize damage. However, operators of a company cannot take effective action against online threats if they do not control online business profiles. Claiming online business profiles on review sites like Google My Business and social media platforms like Facebook can help a company control the narrative before, during, and after a crisis. Additionally, the companies operating business profiles and review sites often have internal support teams and tools to assist users in addressing issues occurring on the platforms. These support teams and tools are often difficult, if not impossible, to access without claiming your business profile.
Social media sites, like Instagram and Snapchat, consistently get hacked. A hacker can pull valuable information from social media sites, including your legal name, email address, phone number, location information, and photos. These people can use this information to harm you by exposing your private information to the public or extorting you for money.
Social media users should not store any information on social networking sites if they are not comfortable with that information becoming public (this includes storing private, intimate photos). You may also want to consider refraining from providing social networking sites with your full legal name or utilizing an email address that contains personal, identifying information.
Negative content can often be removed or pushed down in Google search results. But effective removal requires quick and calculated action. If you discover negative internet content and you want address it, attorneys can help you assess your options. This can range from taking legal action, hiring a crisis management public relations professional, or utilizing the services of a suppression company.
See more »
DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
© Kohrman Jackson & Krantz LLP var today = new Date(); var yyyy = today.getFullYear();document.write(yyyy + ” “); | Attorney Advertising
Refine your interests »
This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.
Back to Top
Explore 2022 Readers’ Choice Awards
Copyright © var today = new Date(); var yyyy = today.getFullYear();document.write(yyyy + ” “); JD Supra, LLC
