Chances are your Facebook account hasn’t been ‘hacked’, it’s been cloned.
‘Hacked’ has become something of a catch-all term in the mainstream media, used as a shorthand for any kind of computer attack. But if your friends are suddenly being plagued with Facebook Messenger messages from an account bearing your name and your photo, it’s unlikely the attackers have stolen your password and broken into your account. They’ve merely created a new account in your name, by scraping information you’ve made public on your Facebook profile.
How did they clone your account? Probably because you gave too much information away to complete strangers.
On your computer, go to Facebook settings, click Timeline and Tagging in the left-hand pane and next to ‘Review what other people see in your Timeline’ click View As. This will show your Facebook profile as it would appear to a complete stranger. If they can see all your photos, your friends and other personal information, you’re a soft target for the conmen.
To clone your account, the con artist simply opens a new account in your name, using your current profile pic, and then starts hitting all your pals with friend requests. Some people will smell a rat when they receive another friend request from you; others will think you’ve temporarily de-friended them or maybe even have forgotten you were friends in the first place, and accept the request from the fake account.
In short order, the conmen will send your friends messages using Facebook Messenger, asking how they are, what they’ve been up to, and then post a tempting link, such as “Have you seen this?” or “Have you seen Facebook is giving away loads of cash if you enter this competition?”. If your friends click on that link, they’re in a world of pain, as it will either want them to hand over personal details or install something dreadful on their computer.
How to prevent Facebook cloning
The best way to stop the cloners is to tighten up on who can view your profile and personal information. Go into Facebook’s settings again and click the Privacy tab on the left.
Change ‘Who can see my stuff’ to only your friends, and change ‘Who can see your friends list?’ to Only Me. This will prevent complete strangers from being able to target your nearest and dearest (and even the bloke you went to school with 25 years ago, who you can’t abide).
While you’re there, you might as well check you’re happy with the rest of Facebook’s clusterbomb of privacy settings.
If you’re still at all concerned your actual account has been hacked, change your password in the Security and login section and then, for good measure, turn on two-factor authentication. This will send a code to your mobile phone every time someone attempts to login to your Facebook account from a new device. So, unless the Facebook fiend has managed to steal your phone too, nobody can break into your account.
Finally, get your friends to report the cloned account to Facebook (by clicking on the Help icon and Report a problem). Although ask them to make sure they’re reporting the clone and not your actual account. Otherwise, you might find yourself locked out of your Facebook account after all…
Now read this: The BBC asked for loads of your Facebook data. What did it do with it?
(Top picture credit: Kārlis Dambrāns)
If Facebook doesn’t try to stop and remove these clones and we can’t talk to the “clown” without trying to friend them, what do we do?
I am done with facebook, just asked for my accounts to be deleted. Today has been utter hell. I got a post on my business facebook page that was a screenshot of what looked like me messaging a girl. She posted it all over sites around town and to my business facebook account. When i got a notification for the post is when i seen it and freaked out. Then tons of people started messaging it to my wife (luckaly i had already showed it to her and was trying to shut it down). About half the people understood the truth others told her i was lying. When i looked at my login activity it showed someone on the other end of the state and someone else on the other end of the country had logged into my account. I am worried this could do detrimental damage to my small business just so some hacker could get a laugh. I deactived my business and personal facebook accounts and asked facebook to delete them. As a struggling small business owner i cant have this kind of stuff happening.
How can messages from a cloned account show up in the inbox of the original account? That is totally impossible and your article is bogus. the ONLY way messages are being sent from your own account is because you visited a phishing website/link and it asked you to log in to see something and you did. then someone got your name and password and signed into your actual account and sent the messages. No, your account wasn’t hacked, and it wasn’t cloned. you gave someone your Facebook log in information. The best remedy is to change your password and in the future NEVER sign in w/ Facebook to view something. ESPECIALLY links sent in messenger.
How do my friends know which is the “cloned” account and which is my actual account???
Thanks for the helpful article! I must admit, I used bots and software (like cucomm) to automatically send messages to users on Facebook. Sometimes it is useful in promoting projects, but sometimes it makes others uncomfortable.
Thank you! This was a VERY helpful article!