We all have seen a friend on Facebook post something like:
HEADS UP!!! Almost all of the accounts are being hacked now. Your profile picture and your name are being used to create a new facebook account and then they want your friends to add them. So your friends think it’s you and accept them. From this moment, the pirates can write what they want under your name!!! I want you to know I have no plans to open a new personal account so please do not agree to a 2nd invitation from me!!! Copy this message on your wall so that all your friends be warned!!!
Do not share…copy/paste!
But has their account actually been hacked? More often than not, the account was not hacked, instead, it was cloned. Cloning is more in line with Phishing than hacking. Cloning is when someone has created an account, using your name, photos, and biodata, which they scrapped from your account, they then use this data to make a clone of your Facebook page. Because there is more than one John Smith in the world, Facebook will allow more than one account using your name to exist Because so many people use cute clipart of a logo for their profile picture, Facebook can’t automate detecting if that is being used properly or not.
Once the account has been established, they will send friend requests to your current friends, pretending to be you.
Why Would Someone Do This?
That is a great question and the answer is, once they have the new page up and running, and they reach out and pretend to be you, they could have one of several agendas.
They could ask your friends for money. In this popular scam, they would tell your friends that you (the fraudster) are on vacation and got your wallet/purse stolen and need a few dollars to make it until you can get to your bank.
They could ask for personal information. In this scam, they work to find out key information, like your middle name, address, phone number, maiden name (if that applies to you), and so on. Armed with this information, they can open up credit card accounts in your name. They can also use this information in an attempt to compromise your real Facebook account.
They could trick your friends into a scam. This one works, by the fraudster trying to convince your friend(s) to shop online at a particular store, which they own. They would capture their credit card information when your friend(s) made a purchase.
Another scam that these fraudsters use is this fake account to use at a reviews click farm.
Long story short, bad people are going to do bad things.
How Can You Stop This?
The only thing you can do is alert your friends and report the fake account to Facebook. In my experience, Facebook will promptly send you a reply, stating that they can’t confirm that the cloned account is fraudulent, which means they didn’t delete it. They will also surely throw in something about Going against Community Standards. My mom has actually had her account cloned. 6-7 months later and it is still out there. Facebook, gave me the standard reply of there isn’t anything they can do about it as they can’t confirm the legitimacy of the account.
The sad part is that the cloned page is identical to my mother’s except there is nothing on her wall. You would think that since her account is close to 10 years old, it would not be a problem to determine the fake account and delete it.
Hacking vs Cloning
Now let me state that there are some accounts that have been hacked, not cloned. A clone is a copy whereas hacking is when they actually have full access to your account. If you have been hacked, you might not even know if you have been hacked. To determine if you have been hacked.
1. Sign in to your Facebook account
2. In the upper right corner, click on Settings > Settings & Privacy > Settings
3. In the left column, select the section “Security and Login”
4. Look to see where else your account is logged in
5. If you find something strange, you can “Log out of all sessions”
6. Then change your account password
Facebook will give you information about which devices are logged into the system, from which locations, and at what time. Click on ‘See More‘, in the “Details” section, and you can see a complete list of logins to the page – if you find suspicious logins, not from your device or location, change your password and username since your page has been hacked. If every input suits you, you should not change anything.