As of 2015, the photo-sharing app Snapchat had 100 million daily active users, most of whom are millennials. But one of the collateral affects of being so widely used and popular is that people will use the service to take advantage of other people. This may be called Snapchat impersonation.
Launched in 2011, Snapchat has quickly evolved from a fun way to share quick selfies to a wildly popular social media app for the under-30 crowd. Facebook even offered to buy the app in 2013 for an estimated $3 billion.
What is it, exactly? Snapchat is a texting platform that lets users send pictures and short videos to friends (called “Snaps”), but unlike with standard texts, the photos and videos in Snapchat only appear for a few seconds once the user opens them. Then, presumably, they disappear forever. The app has garnered a lot of attention, particularly from young adults, who use the app for everything from quirky texts to more risqué communication.
If you use Snapchat, then you know that the app works like most texting applications in that you can only communicate with people you know, specifically people you’ve added as friends via the app. On the surface, this seems like a pretty straightforward system. You add a friend, he sends you a picture, you send him one back, and the deal is done.
But what happens when that friend turns out to be a total stranger who’s using your friend’s information? Worse, what happens when you find out that someone else is using your information to chat with your friends? The Internet makes it possible for anyone to be anything – and anyone – they want to be, and Snapchat isn’t immune to the growing issue of online impersonation.
Snapchat’s Basic Approach to Security
Snapchat’s premise makes it easy for people to send photos and videos that they may not want to stick around in cyberspace. One of Snapchat’s biggest appeals is that the messages you send will expire within a few seconds after being opened. Even better, Snapchat launched an update that alerts you if one of your friends saves the image using her phone’s camera, so you’ll usually know when someone takes a screenshot of the image that you just sent.
Unfortunately, nothing you post online – or send over the Internet – is ever really gone for good. In typical Internet fashion, users have already discovered a number of workarounds for both iOS and Android users who want to save Snaps without letting their friends know. The intentions behind these workarounds may be fun, but they could lead to more serious consequences if the person you’re chatting with isn’t who you think it is. You might become the victim of identity theft, extortion, blackmail or other crimes all from a simple photo-sharing app.
Snapchat impersonation is surprisingly easy since all you need to sign up for an account is a valid email address. Unlike Facebook or other multifaceted social media platforms, Snapchat’s basic system practically encourages abuse by cybercriminals. Even the app’s community guidelines are written broadly and without the same authority of traditional terms of service agreements. Snapchat encourages users to:
- Be thoughtful
- Avoid sending “mean” Snaps
- Avoid sending Snaps that may be considered illegal, such as pornography, photos of people without their permission, or harassing and bullying content
According to the company’s guidelines,
It’s okay with us if someone takes a screenshot, but we can’t speak for you or your friends.
This open-ended policy on taking illicit screenshots could be seen as an invitation for hackers, specifically impersonators, to steal images from your account while using your email address to perpetuate the crime. In fact, an early issue in Snapchat’s history came from the fact that the sign-up confirmation email that users got when they opened an account had no option for opting out if the account was created in error.
In the original confirmation message that users received, Snapchat told new account holders not to worry if they hadn’t actually signed up for the account because “someone probably just typed the wrong email address.” Snapchat’s laissez-faire approach to user security made it extremely possible for someone with a stolen email address to open an account and start using it as another person. As of January 2016, this issue has been addressed, and new users can now let the app know if they didn’t actually create an account. The question that has to be asked, though, is how many email addresses were compromised in the five years before Snapchat addressed this serious oversight?
How to Report Impersonation
Whatever shortcomings there may be within Snapchat’s community guidelines, the app’s policy on impersonation is black and white: “Don’t pretend to be someone you’re not—including celebrities, brands, or other organizations.” The consequences of violating the company’s terms are also clear. If you impersonate another person, for example, the offending content will be removed at the site’s discretion, and the account could be terminated depending on the offense. Once an account is terminated, that person won’t be allowed to use the app anymore.
Snapchat makes it easy to report impersonation offenses. Follow these steps if you suspect or know that someone is impersonating you on the app:
- Follow the link above to the impersonation reporting page, or visit Snapchat’s support page for more information.
- Provide your name, email address, Snapchat username and the Snapchat username of the fraudulent account.
- Give as many details as possible about what you know, including how you found out and a description of the fraudulent account’s activity if possible.
Snapchat does not allow third-party reporting, so if someone tells you about a fraudulent account being used in your name, you’ll have to register with Snapchat to see the account and report on it yourself. The exception is for minors, whose parents can file an impersonation report on their behalf.
If you don’t use Snapchat and don’t want to create an account just to report an impersonation attempt, then send an email to the Snapchat support team. They should resolve the issue for you if you can prove that you’ve never signed up for an account using the email address that they have on file. In these cases, the account should be deleted once you report the issue.
Preventing Impersonation Attempts
Social media platforms may make our lives more fun, but cybercriminals can access accounts too easily, especially on a bare-minimum-security app like Snapchat. If you’re thinking that an impersonation account is no big deal, consider the fact that Snapchat, like many apps, offers in-app purchases. In fact, Snapchat depends on a certain percentage of its users to pay for the privilege of keeping those one-off Snaps. The app currently rakes in about $3 million a year, and its list of happy customers keeps growing. A hacker who steals your identity also gains access to your friends’ Snaps. There are financial and personal reasons to safeguard your information, even if you don’t ever plan on signing up for an account.
Snapchat offers a few basic tips for staying safe while using the app, such as keeping your password to yourself, avoiding sending pictures and videos that you wouldn’t want stored somewhere, adjusting your privacy settings and reporting suspicious activity. When you adjust the privacy settings, make sure to review the following:
- Who can send you Snaps: If you click “My Friends” instead of “Everyone,” you’ll eliminate unwanted posts from coming through, and you may be able to more easily spot impersonation attempts on behalf of your friends.
- Who can see your Stories: As with the Snaps, if you set your Story line to be visible to friends only, you’ll reduce the amount of spam that you get while preventing prying eyes from seeing your history.
Because you have to use an email address to create an account with Snapchat, use one that you don’t have tied with other accounts, like your bank account or even Facebook. Your goal should be to make it harder for hackers and impersonators to figure out your passwords so that you can protect your online presence on and off the app.