CHARLOTTE, NC — Almost every day, I see at least one of my Facebook friends posting on their timeline that their “Facebook has been hacked.” Most often this “hack” is someone cloning their Facebook profile by taking their name and photo and creating a fake account.
Clone Facebook profile is both easy and lucrative for bad guys. There is hardly any work to do and they can make money by spreading malware and ransomware in messages and forwarding scam websites hoping someone clicks and pays.
Many Facebook users make it even easier for the bad guys. If you do any of these things, you are setting yourself up to be cloned.
If you’ve accepted friend requests from people you don’t know, they can see your friend lists, posts, photos, phone numbers, and anything else you make public on Facebook. This gives them the ability to copy or steal your information as well as your friends’ information.
A lot of people know this, but did you know that friend requests you’ve declined can also see your information?
Go to the list of your friends and in the “More” tab, choose the followers. All of these people are people who sent you a friend request that you declined. They are “followers” and not only can they see anything you post publicly, but they also receive updates when you post. If you see someone you don’t know, block them. Facebook forces you to do it one at a time.
In “Public Posts” in the settings, change who can follow me to “friends” or “friends of friends”.
Usernames and passwords can be stolen if you’ve used Facebook to sign up for apps and websites. Most people do this after downloading a new app because it’s convenient. But it also opens a door for people to access your public information on Facebook.
Go to Settings, then “Apps & Websites”. Facebook now blocks these third parties from seeing your information if you haven’t used it for 90 days. But that’s not always accurate. Be sure to tap or click the See More tab. If you see something you don’t remember or don’t use, delete it.
Make posts visible only to your friends or friends of friends. otherwise, anyone can see what you post, even if they’re not on Facebook.
Make your friends solid and keep your friends list just for you or your friends. remove your phone number and date of birth so that they are not displayed publicly. You can leave your birthday month and date visible to your friends if you want them to wish you a happy birthday every year. But no one needs to see the year you were born.
So what if your Facebook profile has been cloned?
Report it to your Facebook. If you see strangers leaving comments, report them to Facebook as fake accounts.
We posted the story of the cloned profiles in the morning and within minutes a stranger left a scam in the comments. Someone did it on the LinkedIn article I shared too. So they are notified whenever someone posts anything about their scams and how to remove them.
See where you are logged into Facebook. You will find it in the settings. If you see a login and you’ve never logged into Facebook from there, log out of Facebook on all devices and change your passwords. I use a very strong password and two factor authentication and also check that from time to time. When I did this today, I saw that someone had logged into my Facebook account in Bangladesh. You’ll need to sign in again on all your devices using the new password, but this will prevent anyone from anywhere in the world from signing into your account.
Finally, if you haven’t done so in a while, use Facebook’s Privacy Checkup to review your settings.