Are friends telling you they’ve gotten a friend request or spammy message that appears to come from you? Here’s how to prevent the bad guys from doing it.

Almost every day I see at least one of my Facebook friends post to their timeline that their “Facebook has been hacked”. More often than not, that “hack” is someone cloning their Facebook profile by taking their name and photo and creating a fake account.

Cloning a Facebook profile is both easy and lucrative for the bad guys. There’s hardly any work involved, and they can make money by spreading malware and ransomware in messages and passing along scammy websites, hoping someone clicks and pays.

Many Facebook users make it even easier for the bad guys. If you do any of these things, you’re setting yourself up to be cloned. 

If you’ve accepted friend requests from people you don’t know, they can see your friends list, posts, photos, phone numbers, and anything else you make public on Facebook. This gives them the ability to copy or steal your information as well as the information of your friends.

Many people know this, but did you know that people whose friend requests you’ve turned down can see your information too?

Go to your friends list and from the “More” tab, choose “Followers”. All of those people are folks who’ve sent you a friend request that you denied. They’re “followers” and can not only see everything you post publicly, but they also get updates when you post. If you see someone you don’t know, block them. Facebook makes you do it one at a time.

In “Public Posts” in Settings, change “Who Can Follow Me” to “friends” or “friends of friends”.

Keep people who aren’t on Facebook from seeing your posts and information

Usernames and passwords can be stolen if you’ve used Facebook to sign up for apps and websites. Most people do this after downloading a new app because it is convenient. But it also opens a door for people to access your public information on Facebook.

Go to Settings, then “Apps and Websites”. Facebook now stops those third parties from seeing your information if you haven’t used them for 90 days. But it’s not always accurate. Make sure you tap or click the “See More” tab. If you see something you don’t remember or don’t use, remove it.

Make posts viewable only to your friends or friends of friends. Otherwise, anyone can see what you post, even if they’re not on Facebook.

Do your friends a solid and keep your friends list visible to just you or friends. Remove your phone number and birthdate from being displayed publicly. You can leave your month and day of birth visible to friends if you want to let them wish you a happy birthday every year. But no one needs to see the year you were born.

So what should you do if your Facebook profile has been cloned?

Report it to Facebook. If you see strangers leaving comments, report them to Facebook as fake accounts.

We posted the story about cloned profiles in the morning and in minutes, a stranger left a scam in the comments. Someone did it on the LinkedIn article I shared too. So they’re getting notified any time anyone posts anything about their scams and how to remove them.

See where you’re logged in to Facebook. You’ll find this in Settings. If you see a sign-in and you’ve never logged into Facebook from there, log out of Facebook on all devices and change your passwords. I use a really strong password and two-factor authentication and I also check this from time to time. When I did today, I saw someone had signed into my Facebook account in Bangladesh. You’ll have to sign in again on all of your devices using the new password but that will prevent someone from anywhere in the world from signing into your account.

Lastly, if you haven’t done it in a while, use Facebook’s privacy checkup to review your settings.