Ken Colburn of Data Doctors offers tips on how to prevent your Facebook profile from being spoofed.
Q: How can I prevent scammers from sending a duplicate friend request to all my friends?
A: Anyone who uses Facebook has probably received a friend request from someone they already had a connection with.
When these duplicate profiles appear, it’s not because your account has been hacked, but because your profile has been cloned or spoofed.
Make your profile undesirable to usurpers
Identity theft victims are usually targeted because their “Friends list” privacy settings are set to public, which means anyone can see who their friends are.
This is how scammers with the cloned profile know who to send duplicate friend requests to – basically anyone in your publicly available friend list.
To check the privacy setting for your friends list, go to Settingsthen Private life and scroll down and open the “Who can see your friends list?” section. Select something other than Public to thwart usurpers, or if you really want to lock it down, change the privacy setting to Just me.
Tip for accepting friend requests
A good process to go through before accepting friend requests – especially if you’re thinking “Aren’t we friends already?” — is to always go to the associated profile before accepting them.
Spoofed profiles will be obvious because they have few or no posts and a small number of friends.
Report spoofed profiles
To report a spoofed profile, click the three dots to the right of the Message button on their cover photo and select “Find help or report a profile”, then “Pretend to be someone”.
Keep answering questions about who they are spoofing to help get the profile taken down, which can happen pretty quickly. I make it a point to notify the friend who has been spoofed so they can send a warning to their friends.
The more people who report the spoofed profile, the sooner it will be removed.
Sign that your profile is compromised
Any time you suspect your profile has been “hacked”, there is a simple step you can take to see if there are any obvious signs.
Start by going to “Settings” and then “Security and Login” to show you “Where you are logged in”. The list will be in reverse chronological order, starting with your current session and will include an approximate location and the device that was used to log in.
If something on the list is clearly not one of your devices or locations, chances are someone has your username and password – so change your password immediately. You can log out of any session by clicking on the three dots to the far right of that session.
If the list is very long and you want to clear them all, you can choose “Log out of all sessions” at the bottom of the list.
If you want to set up a way to get back into your account in case you get locked out, be sure to go back to the top of the “Security & Login” page and choose some friends to contact if you get locked out.
Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any technical question on Facebook or Twitter.