Not As They Seem
Recently I have helped several friends and colleagues deal with a scary Facebook scheme. The first email from them always starts with concern because their friends are getting friend requests from them on Facebook. It is a huge red flag because they are already connected as friends, and they sent no such requests. Many people assume, incorrectly, that their account has been hacked.
The real cause is often that someone (or an automated bot) has made a new account in that person’s name. They even copy the profile picture and banner photo. After closer inspection, the imposter’s account is clearly fake. It doesn’t display the history of posts, pictures, and other personal information. It is just a shell. The goal is simply to become friends with as many of your real friends as possible, presumably for data mining. Most people see a name and face in the friend request and accept it without questioning or investigating first.
What Should You Do?
If you find yourself in the position of hearing from friends that they got strange requests or communications from you, start by determining if there is a second account out there. Just search Facebook for your name. In one case, my friend’s account name was identical to the imposter’s version. In another case, the imposter’s account lacked another friend’s hybridization of their maiden and married name. In both cases, the images matched exactly.
If you or a friend can find the false account, then report it to Facebook. On the profile in question, look for the menu below the bottom right-hand corner of the banner image. There, select “Report”. Follow Facebook’s reporting process to identify who the page is impersonating. This is a common attack that Facebook is aware of. Facebook typically removes the false account quickly.
This is easier to deal with and less disruptive than having your real account breached. Having said that, it is still an opportunity to revisit your account security. Take a lot at my guide What Should You Do When Your Facebook Is Hacked?. The big takeaways:
- Change Your Passwords on Facebook and your Email
- Turn on 2-Factor Authentication for both accounts
- Follow-Up with Friends: Make sure they know that you didn’t endanger their safety and security and that the matter has been resolved. Don’t let the attack damage your relationship with your followers.