Imagine this scenario. You’re browsing on Facebook and one of your friends sends you a message querying why you just sent them a friend request.
You never sent such a request, and upon an investigation, it turns out someone unbeknown to you has created an account that appears identical to yours. Same name, same profile picture. Same information.
And this fake Facebook account is sending friend requests to all your friends.
It’s called Facebook cloning. And despite the crook creating a duplicate account under your name, it’s actually your friends that are the target of this scam, not you.
The aim of the criminal is to trick your friends into accepting a friend request from the cloned account they created while thinking it’s you. Once that friend request is accepted, the crook has access to the innards of your friends Facebook accounts including their personal information.
From there, any number of social engineering scams can take place. For example, the crook can lure your friends into clicking links, giving up sensitive information or even handing over money, the whole time tricking your friends into thinking they’re communicating with you.
Facebook cloning scams are extremely popular over social media, primarily because they require little technical know-how since the crook merely has to create a Facebook account with your profile picture and name and then send friend requests. As such, almost anyone could orchestrate such a scam.
Fortunately you can stop crooks in their tracks. By hiding your Facebook friends list. Without knowing who you’re friends with on Facebook, the crooks don’t know who to send friend requests to.
To hide your friends list, head to Facebook’s website (not using the app) and head to your profile and click Friends. Then click the pencil icon and Manage Privacy and there you will see the Who can see your friends list? option. Make sure public is NOT selected. Instead select Friends or better yet Only Me.
If you believe you’re already the target of a cloning scam, first report the profile by going to the offending profile page and clicking the Report option. Then warn all your friends not to interact or accept a friend request from any other accounts that appear to be yours.