Firms at risk: How-to-hoax guide published

The person claiming to be behind an elaborate hoax on British security company G4S has linked to documents which explain how to target companies with similar "prankster tactics".

In an article published on Indymedia.ie on Wednesday, a person calling themselves "aa" said that G4S was targeted because of its involvement with immigration removal centers in Britain.

Journalists received a hoax press release on Wednesday, which said there were accounting irregularities at G4S and linked to a site that replicated the company homepage, but had a different URL.

Read MoreBritish security firm hit by elaborate hoax

The release was part of an elaborate attempt to hit the company's share price, but wasn't wholly successfully. G4S shares lost some gains immediately after the statement was received, but recovered quickly.

Despite the hoax's limited effect, the person claiming responsibility linked to a document which they described as an "interesting text about this method of struggle and about how to create fakes".

KTSDESIGN | Science Photo Library | Getty Images

Professor Tim Watson, director of the Cyber Security Centre at the University of Warwick in the U.K., said hoaxes like this were a relatively new tactic being used by a variety of groups, including nation-state actors and hacktivists with ideological aims.

"It can be particularly serious if it's believed," he told CNBC on Thursday. "In theory, this type of attack could cause a run on a bank, for instance, or could be used by criminals to profit from a drop in share price they have caused."

'Prankster tactics'

The how-do document linked to from Indymedia.ie is entitled "Prank the pranksters! Playing around with information and fakes in the age of immaterial capitalism" and gives "practical ideas for sending a fake press releases/communication".

Read MoreThe one cybersecurity threat everyone misses

The aim of so-called prankster tactics is to cause a negative economic impact – such as a fall in share price - by spreading fake information about a company.

"Doing this may require really simple informatics tools, a meticulous study of the 'target', some knowledge of the sector and, sometimes, the help of an 'insider' willing to pass some information, tips, etc," the document says.

Despite claiming not to be a handbook, the document goes on to detail how to set up fake "corporate" websites and email addresses, write a false press release, build up a distribution list of journalists – and even how to avoid a fake email ending up in journalists' junk mail folders.

Tips for potential pranksters include: "You should create realistic news, at the same time sensational enough for being published and to cause damage to your target".

Read MoreFalse rumor of explosion at White House causes stocks to briefly plunge

And: "The psychology of journalists is an aspect to think about. They often don't check so much the truth of information if they believe the source."

How companies can protect themselves

There are a number of ways in which companies can attempt to protect themselves against this type of attack, Watson said, although he admitted it was difficult because the attacker was acting independently from the company.

Companies should regularly check whether any new websites including their name in the URL have been created, for instance, and should monitor their site for malicious "web spidering", which sees a program "crawl" through websites and download every page, which can then be used to create a replica site.

The good news, according to Watson, is that the potential damage of hoax attacks was likely to fall as they become more popular.

"The first time it happens, people are very trusting of the information and the impact can be significant" he said. "But as people get used to them, the effect will be lessened simply because we are less trusting of any big story coming in this form."

- By CNBC's Katrina Bishop