I choose this topic first because it seems to be a common occurrence among people close to me. I first encountered this when my father’s Facebook account was cloned. I received a message from a family member who received a suspicious message from the account and contacted me. I was able to call my dad and he quickly resolved it. The quick resolution was in part to his technical background.
He knew how to navigate Facebook’s platform well, and was able to report it quickly.
For a lot of people, it can be hard to understand what exactly is going on in cases like this and where to go to resolve it. It can be a scary thing when someone starts contacting your friends posing as you. It would be easy to assume your account has been hacked.
In the case of these attacks, your account has not been hacked. The attacker is merely using information that is publicly available and using it to create a brand new Facebook profile.
My father is not the only person I know that has been a victim to these types of scams and I find myself repeating the steps to friends and family so they can secure themselves on Facebook. But let’s face it, a phone call is not the best method to explain how to protect yourself from those type of attack. So let’s walk through how to best recognize and arm yourself against Facebook cloning attacks. Hopefully you will walk away knowing how to better protect yourself while still enjoying your Facebook experience.
The Attack starts with a friend request. This is usually a request from a current Facebook friend and is frequently dismissed as an accidental unfriending or it’s possible the recipient does not realize that they are already friends with that person. The next step in this attack could be immediate or days/weeks down the road. The approach really depends on the attacker and the information they are trying to get.
The next likely step in this attack is for this new “friend” to make contact. It usually comes in the form of a message and involves a sob story of a friend who is down on their luck or stuck in a sticky situation and needs money fast. Another common ploy is that the ‘“friend” has come into a large sum of money and are looking to share it, much like the Nigerian prince email scams. This is where most people start to detect that something phishy is going on. This is where the recipient starts to suspect that their friend’s account has been hacked.
While it is not unlikely that it could be an account hacking, it is likely that the attacker was able to avoid the hard work of hacking by just leveraging someone’s public Facebook information. It’s also possible that there will be no contact and the attacker is trying to find more personal information that can be used for fraud or other hacking. Nonetheless, it is important to be vigilant while on Facebook and keep your tinfoil hat on.
Protect Your Account
There are ways to safe-guard your account against cloning attacks. Follow these steps and your account will be much safer:
Audit the information on your account that is visible to the public: Anything that has a globe next to it can be seen by anyone that views your profile, even people who are not already friends. This information can be used when an attacker makes a cloned account. By making your profile information visible to friends only (or removing it completely) an attacker will have much less information, which makes the attack less believable.
Also, check the privacy of your posts. Attackers can sometimes go as far as copy and repost public Facebook posts and write new posts, on their clone account, in your tone and style. Facebook even has a tool that changes all your Facebook post’s privacy. To find this click on Settings > Privacy. Under the Who can see my stuff? Section, click on the Limit past posts link. Then click on the Limit Old Posts button.
Hide your friend list: Your friend is the key to the attack and by hiding it, it will protect your friends from being victimized by this attack.
To do this navigate to your profile and click on the Friends tab. On the right side of the page, there is a button with a pencil symbol on it. Click on it and select the Edit Privacy dropdown. Here you can choose to make your friends list visible to Friends or Only Me. Then click on the Done button.
If you are already a victim of this attack, post a new update warning your friends of a duplicate account and report the account to Facebook. In my experience, Facebook acts quickly when reporting a malicious account and has removed the account within a couple hours.
To report the profile, navigate to the profile page and click on the button on the right with 3 dots and select Report from the drop down.
A popup will appear. Here select Report this profile. Then after clicking continue select They’re pretending to be me or someone I know.
Recognizing a Fake Friend Request
Just as it is important to be vigilant with the information on your Facebook profile, it’s just as important to be vigilant with a profile you are accepting a friend request from. There are a several important questions that you should ask yourself when receiving a new friend request:
- Are you already friends with this person?
Do a search of your friends list to be sure. If yes, send them a message on the already friended profile asking if they created a new one. If you have a means to contact them outside of Facebook, this is even better. When you receive a new friend request from someone you think you already might be friend with, search your friend list to confirm if this is already a friend.
- Does this profile lack information or posts?
- Does anything seem out of character for that person?
Once you have confirmed the duplicate account, reach out to your friend to let them know that there is a clone account and report the account to Facebook, as shown above.
As long as profile information is publicly available on Facebook, these types of attacks will continue to happen. There are a number of reasons why malicious people are carrying out those attacks but the bottom line is that your personal information is valuable and it’s important to protect it.