Facebook Cloning

     We have all been there, one of your friends sends you a message that they just received a friend request from you on Facebook and your first thought it I have been hacked. This first instinct happens to almost everybody. The good news is you most likely were not hacked but you were cloned. This is a very common scenario and it is becoming more and more common.

     Facebook account cloning is a simple scam – but it’s easy to be fooled by it. A cloned account is a copy, that uses your profile photo and other public information to trick your friends into giving up their information. It may seem like a harmless prank, but these clones can cause real damage. A cloned account may convince your friends to send them money, collect passwords or other information, or dupe them into other scams.

     Account cloning isn’t a hack or an exploit – it’s just a result of clever scammers using your publicly available information to fool your friends. Pretending to be you, the cloned account could message your friend saying you need cash to handle some emergency – for example, being mugged and needing funds to get back home. You may think your friends are too smart to fall for a scam like that, but because these requests come from you, they may respond without thinking.

     And that’s why you need to worry about Facebook account cloning. Whether it’s your account or a friend’s that’s been cloned, there’s real harm in this “prank.”

How do I know if my Facebook account has been cloned?

     You can search Facebook for your name to see if there are other accounts pretending to be you, but it’s likely that there’s someone else on Facebook who legitimately shares your name. While you can do this to look for duplicates, be aware that not every result will be someone maliciously cloning your account.

     But you’re far more likely to find out your account has been cloned after the fact, when your friends notice odd behavior from you on Facebook. Before a cloner can scam your friends, they have to send them a friend request from your cloned account, which can set off red flags for the security savvy. If they accept your friend request without thinking, they’ll start receiving messages that may not sound like you. If a friend tells you they’ve gotten a friend request or a suspicious message, your account may have been cloned.

What should I do if my Facebook account has been cloned?

Facebook doesn’t allow accounts to impersonate others, so if you find a clone account you should report it to Facebook. Just go to the cloned profile and:

  1. Click the “…” icon in the upper right of their profile page.
  2. Select “Report Profile.”
  3. Follow the instructions onscreen to report the account for impersonating you.

Once you’ve reported the page, post to your timeline and tell friends not to accept new friend requests from you, and to ignore any messages that might be scams.

How do I know if my Facebook account has been hacked rather than cloned?

  1. Open Facebook from your web browser.
  2. Click the triangle in the upper right to open the menu, then select “Settings & privacy.”
  3. Select “Settings.”
  4. Click Security and Login in the left-hand column.
  5. The “Where You’re Logged In” section tells you every device that’s logged on to your account, and when they last logged on. Click “See More” to see a full list, and review each login to decide if it’s you.If every login was you, then you have nothing to worry about.

What should I do if my Facebook account has been hacked?

     If there are any logins you don’t recognize in the list of “Where you’re logged in,” click the menu button to the right and select “Not You?” to report it to Facebook. When you’ve finished reporting the unrecognized logins, select the option to “Log out of all sessions.” This will boot out the hacker. After that, change your password and set up two-factor authentication for extra security – you’ll find both options on the Security and Login page.

     Even if you haven’t been hacked, it’s a good idea to turn on alerts for unrecognized logins. When it’s enabled, Facebook will tell you if an unrecognized device logs on to your account, so you’ll know if a hacker has access to your account immediately. To turn it on:

  1. Open Facebook from your web browser.
  2. Click the triangle in the upper right to open the menu, then select “Settings & privacy.”
  3. Select “Settings.”
  4. Click Security and Login in the left-hand column.
  5. Scroll down to “Setting Up Extra Security.”
  6. Click “Edit” next to “Get alerts about unrecognized activity.”
  7. Select “Get notifications” and then choose an email address (or email addresses) to be notified by email.
  8. Click “Save Changes.”

How can I avoid Facebook account cloning?

     Start by hiding your Facebook friends list. Anyone who clones your account will use your friends list as a list of targets, but if your friends list is private, it’s much harder for them to find anyone who will fall for their scams. Fortunately, hiding your friends list only takes a few quick clicks:

  1. Open Facebook from your web browser.
  2. Click the triangle in the upper right to open the menu, then select “Settings & privacy.”
  3. Select “Settings.”
  4. Click “Privacy” in the left-hand column.
  5. In the “How people find and contact you” section, check to see who you have selected as being able to see your friends list. If it’s “Public” or you want to change who can see your friends list, move on to step 6.
  6. Click on “Edit” next to “Who can see your friends list?”
  7. In the drop-down menu, select who you would like to see your friends list.

And while you’re looking at your Facebook settings, it’s never a bad time to review your privacy settings. Keeping your information locked down is the best way to keep yourself safe, so take a minute to review your other settings.

Skip to content