JACKSONVILLE, Fla. – If you’ve ever received a message from a Facebook friend warning you not to accept a friend request from them because their account was “hacked,” you’re not alone. It’s easy to believe their page was hacked, but it’s likely their account was cloned.
News4JAX Consumer Investigator Lauren Verno sat down with OnDefend Security CEO Chris Freedman to discuss the differences between two popular social media problems circulating the cyber world: cloning and hacking.
Scammers are always “looking for a quick target to clone,” said Freedman “Let’s start with Facebook cloning. Facebook cloning is when someone creates a new Facebook account with your profile picture with information about you that they can find on the web to impersonate you to invite your friends to be their friends.”
While hacking into an account is a little trickier, cloning an account takes no work at all.
Unfortunately, a scammer can clone a profile on any platform, not just Facebook. Even being blue-checked certified doesn’t protect you from potentially experiencing a cloning or hacking situation.
They don’t need your login information; they simply need the profile picture, which is as easy to get as a right-click and save.
“Facebook allows anyone to create an account. The only validation is that they verify your email, and they don’t know who’s email that is,” explained Freedman.
These bad guys don’t even need to go through Facebook to set up an account. News4JAX found thousands of accounts on sale, some with friends list included for less than a dollar.
“The trick is when somebody impersonates someone with Facebook cloning then they could use messenger to scam them out of money, to use a ransomware attack where they can then attack them through email,” said Freedman.
Luckily, the good news is a cloned account can be easy to spot.
If it’s a celebrity or public figure, look for the blue checkmark.
Freedman also recommends searching for yourself. If you find an account with a similar name, the exact profile picture and friends list, report it.
Finally, be hesitant to accept a new friend request from somebody you are already friends with.
“They create an account, they friend your friends and then they try to reach out on messenger like ‘Hey, Chris, I’m in a bad spot. Can you wire me some money on Venmo really quickly?’ You just lost some money,” said Freedman.
Usually, scammers target people with large friend lists to send as many messages as possible, hoping that one person will respond. Freedman encourages you to be proactive and hide your friend’s list from the public.
While no one wants to be cloned, Freedman says it is far worse to be hacked because it puts you at a greater risk for exposure than being cloned.
“Hacking is when they grab your credentials, usually through phishing emails or other cases, and then they are actually inside of your account where they try to enact scams,” Freedman said. “If someone’s inside your account there’s no real way to know.”
Once someone realizes they’ve been hacked, it’s too late. However, to be proactive, actively check your recent history.
Review your messages, posts, and ads, and make sure you were the person responsible for making them.
Also, check to make sure your name or birthday has not been changed.
If you notice something strange, report it. Then immediately change your password. Freedman recommends selecting a new password that includes 15 characters made up of numbers, letters and symbols.
That is, of course, if the scammer didn’t already change that information.