Imagine having an evil twin somewhere out in the wild causing chaos in your name. On Facebook, that fear can become reality. Facebook cloning is a relatively recent social engineering technique that you may not know about. Learn about it below and see how to prevent it.
What is Facebook cloning?
Facebook cloning is a social engineering technique where scammers use your publically available Facebook info to create a fake copy of your profile. They don’t have to hack your Facebook profile, but they can still cause problems with their fake one.
Usually, they will try to add your existing friends to their list to reach as many people as possible.
- Send malicious links to your friends;
- Ask to loan them some money by presenting a fake story;
- Try to extract your personal info from your friends. They might provide it to them thinking it is you. After getting this info, scammers can manipulate it and make the fake profile look even more convincing;
- Use bait-and-switch techniques;
- Compromise your reputation by posting something inappropriate to your friends or in public;
- Try to shut down your real profile by reporting you.
While some people are more cautious, many may still accept suspicious friend requests. They might think that it’s your new legitimate profile, that you defriended them and want to be friends again, etc.
How to find out whether your account has been cloned
Try entering your name into the Facebook search field and check whether you see a profile with the same name, photos, etc. Just make sure it isn’t the profile of someone else with the same name.
In most cases, people find out about such profiles from friends who report it to them. However, not all the reports are genuine too. There were known cases of hoax messages suggesting someone’s account has been cloned. It prompts users to share this message to their friends. Thus, always make sure you get such reports from a trusted person.
What to do if your Facebook account has been cloned
First, you should report cloned Facebook accounts (whether yours or not) immediately. Here’s how:
1. Go to the fake profile on Facebook;
2. Click the three dots on the cover photo;
3. Choose Find Support or Report Profile;
4. Choose Pretending to be someone and follow the prompts.
Secondly, notify all your Facebook friends about the cloned Facebook account. Instruct them to ignore the fake profile – to reject friend requests, messages and links. Also, ask them to report it too, which may prompt Facebook to take it down faster.
What to do if you receive a friend request from a clone
If you get a suspicious request from someone you know, please try to contact that person first through its genuine channels (legitimate social media profiles, phone, in person, etc.) to make sure it is not fake. Under no circumstance, accept the request or engage in any contact with a scammer.
How to prevent Facebook cloning
While no measure can fully protect you from cloning, you can minimize its possibility by publicly exposing as little info on Facebook as possible. Adjust your privacy settings and make sure to make everything private. First, hide your friends from the public:
1. Go to your profile and click on Friends;
2. Click on the pen image on the right and click on Edit Privacy;
3. Remove the Public visibility from all the sections by clicking on their drop-down menus. choose the one most suitable for you. By clicking on Friends, you can make it visible only to your Facebook friends, but you can also choose Only Me so that nobody else can see it.
Second, customize your Facebook privacy settings:
1. Press the triangle in the top right and click Settings;
2. Choose Privacy;
3. Here you can see which of your features are visible to outsiders and change settings accordingly. In the Your Activity section, make your posts invisible to the public by clicking Edit and changing Public to Friends or Only Me in the drop-down menu below.
You can also make it harder for scammers to find you by your email, phone number or search engines. Check the last three options in the aforementioned Privacy Settings and Tools section. Set the first two to Friends or Only Me, and untick the Allow search engines outside of Facebook to link to your profile field when you press Edit on the last one.
To review your choices, you can always do a privacy check-up on Facebook to see whether your account is private enough:
1. Login to Facebook and click on the question mark on the top right;
2. Choose Privacy Checkup and follow the steps suggested by Facebook.
Third, do not accept friend requests from people you don’t know or have no shared connections with. You can always ping someone to check why they are friending you if in doubt.