Sisters of the Valley say fake Call Her Daddy team hijacked social media controls
Sisters of the Valley say impostors posing as Alex Cooper’s Call Her Daddy team ran a months-long social engineering scheme that led to lost business admin access and prompted FBI and FTC reports. The California wellness company is warning creators and small businesses to verify collaboration requests through a separate channel before changing account permissions.
Why it matters: - The case shows how attackers can use a trusted celebrity brand and legitimate platform tools to pressure a business into handing over control. - Sisters of the Valley says the scheme reached beyond a simple phishing attempt and could be a template for targeting creators, influencers and small businesses. - The company is warning that excitement over a high-profile invite can become part of the vulnerability.
What happened: - Sisters of the Valley says criminals posed as representatives of the Call Her Daddy podcast and offered a paid interview with host Alex Cooper. - The approach began in late December 2025 and stretched for about six months. - The impersonators used email, phone calls and at least one Zoom meeting to build trust. - The company says the fake team guided staff through changes tied to social media collaboration and event-management tools. - Sisters of the Valley says it lost business admin control on July 1, 2026. - The company says the first suspicious call tied to the impersonation happened on April 17.
The details: - Sisters of the Valley says two employees excitedly told founder Sister Kate that Alex Cooper wanted to interview her. - Sister Kate did not know who Alex Cooper was, but younger Sisters pushed her to respond quickly. - The impersonators reportedly invoked Meta sponsorship and said event-management functions needed to be configured for a future LIVE appearance. - Months later, a man identifying himself as “Jeff” re-established contact and said the LIVE event had been delayed because Meta was backed up. - Sister Kate followed the same steps again during that later call. - The company says its public Facebook and Instagram accounts kept posting normally, so followers had no visible sign of trouble. - During the later investigation, Sister Kate found that her privileges over her own business assets had been suspended on April 17. - The company says the documentation includes emails, messages, telephone records, dates, screenshots and support interactions. - One preserved support exchange labeled the issue a “Business Manager Compromise Review” involving “Unauthorized admin/Events Manager access.” - Sisters of the Valley says the exchange also referenced the Call Her Daddy impersonation and unauthorized administrator activity. - The company has filed reports with the FBI Internet Crime Complaint Center and the FTC. - Sisters of the Valley says it found no evidence that Alex Cooper or the legitimate Call Her Daddy team took part in or knew about the operation. - The Sisters say Cooper and her team were victims of the impersonation too. - The full documented account appears in the company’s article, The ‘Call Her Daddy’ Hack: How Criminals Took Over the Control Room Behind Our Social Media Assets.
Between the lines: - The attack appears to have worked because the contact looked like a real collaboration, not because of an obvious malicious link or password theft. - Sisters of the Valley says the criminals wrapped themselves around normal partnership workflows and used real business tools to advance the fraud. - The episode suggests social engineering can unfold slowly, with legitimate calls and platform actions masking the takeover.
What's next: - Sisters of the Valley is urging creators, influencers and small-business owners to verify high-profile collaboration requests through a second, independently sourced channel before changing permissions or connected assets. - The company says businesses should not rely only on the email thread, phone number, Zoom meeting or contact information that came with the invitation. - Sisters of the Valley says it is publishing the case as a warning to others who receive podcast, LIVE event, sponsorship and cross-platform partnership offers.
The bottom line: - A celebrity-branded invitation can be a social engineering weapon, and the safest next step is to verify it outside the original conversation.
Disclaimer: This article was produced by AGP Wire with the assistance of artificial intelligence based on original source content and has been refined to improve clarity, structure, and readability. This content is provided on an “as is” basis. While care has been taken in its preparation, it may contain inaccuracies or omissions, and readers should consult the original source and independently verify key information where appropriate. This content is for informational purposes only and does not constitute legal, financial, investment, or other professional advice.
Sign up for:
Small Business Online Network
The daily local news briefing you can trust. Every day. Subscribe now.
Check Your Email!
We sent a one-time activation link to: .
Confirm it's you by clicking the email link.
If the email is not in your inbox, check spam or try again.
Welcome back!
is already signed up. Check your inbox for updates.