Facebook Hacking vs Cloning Overview and tips from a former IT Auditor
by Vance Jochim, FiscalRangers.com Feb. 24, 2017
The short URL to return to this page is: http://tinyurl.com/FacebookCloning
Many Facebook users are reporting their Facebook account was "hacked", when it was really duplicated, or cloned.
I used to be a software developer and information systems auditor.
Most Facebook accounts are NOT hacked, but CLONED.
Update March 6, 2017: Here is a video of an actual cloning example, and how I reported it.
Hacking would indicate they got your password, logged in to your actual account and made changes, took data, etc. That is RARE.
Usually, a duplicate account of yours is created, and friends get a friend request from the fake account which was a duplicate or CLONE of your account.
Why would people try to clone your account and get your friends to like it?
They want to SCAM YOU or your FRIENDS
There are YouTube tutorials on creating Facebook profile clones, and here is one description of preventatiive techniques from www.hoax-slayer.net .
"Once the scammers have a few “friends” on the fake profile, they can then start sending scam messages in the name of their victim.
They may try to draw the friends into advance fee scams claiming that the victim has won a large sum of money and offering the “friend” the chance to also win.
They may send messages that claim the victim has been stranded in a foreign country and needs a short-term loan to get out of trouble. Because the recipients of the message think they are talking to someone they know, they may agree to “loan” the money.
The scammers may also use the illusion of friendship to collect personal information from the victim’s friends. A clever cloner may even be able to commit identity theft by tricking the victim’s friends into divulging a large amount of their personal and financial information."
How the Clone of your account is made:
The cloner copies some pictures and contacts from your own account, then sends friend requests to enough people to get them signed up.
Now, I ALWAYS review a profile of any friend request and see if there is any depth to the newsfeed, common friends, lots of pictures, favorite movies, etc. Clone accounts will usually be almost empty of content.
If the requesting account is mostly empty, I search for the REAL person and usually two account names popup with same picture.
I report the clone to FB which usually shuts them down pretty quickly. I also notify the REAL friend.
PS: One way that a cloner finds out who your friends are is they get you to post a detailed, uniquely worded request for friends to COPY and paste the same wording into the friends profile.
Then the cloner only has to search on that uniquely worded request (or phone number) to find all your friends foolish enough to do that.
They also tell you NOT to share it, but to copy and paste. Then they send friend requests from the cloned account to those people.
Thus, DO NOT copy and paste such info to your profile. This method is also used by marketers to pick up leads.
Update Mar. 8, 2017: Here is a Tampa NBC video report on another security danger, where Facebook users answer quizzes that could result in downloading viruses or giving away personal information.
1. Understand that most "hacking reports" are really cloning or duplicates, and your own account should most likely be safe. But be sure to have a strong password.
2. If asked to friend someone you think is already a friend, visit the suspiciaous profile and research if the account is empty or a duplicate like mentioned above.
3. Don't copy and paste unique terms into your profile even if a friend requests you do so. They could even request you post a hotline phone number. Then any scammer can use the unique phrase in a Facebook search request and find all that person's "friends" for scamming or marketing purposes.
4. REPORT any friend requests from clone accounts of friends to Facebook. Then inform your friend with a private message.