First off, yes, Facebook has been hacked, and no, we don’t yet know how bad that hack is. Second, your Facebook account probably has NOT been hacked, and you probably don’t have a clone out there, despite all the messages and posts saying otherwise. Finally, it is actually possible (though unlikely) you do have a clone, but it’s relatively easy to fix that if you do.
There. Hope I’ve cleared everything up for you.
The sarcasm is intended to show how serious hacks of massive platforms like Facebook can be. Pranksters who haven’t hacked anything can take advantage of confusion to create almost as much disruption as if they’d actually hacked something. That’s what’s happening right now.
In case you haven’t logged onto Facebook recently, a very viral message is going around, with senders (and posters) claiming they have been hacked. They believe they have an impostor, and they are warning recipients not to accept friend request from this impostor.
The prank begins when victims receive a message that looks something like this: “Hi….I actually got another friend request from you yesterday…which I ignored so you may want to check your account.” That message urges recipients to forward the warning to everyone they know — that’s always a bad sign. I’ve had plenty of friends simply post their own warning about it on their Facebook wall. A few have sent around FB messages directly to me. The posts look like this:
“Please don’t accept a friend request from me. My account was hacked.”
In most (but not all!) cases, it’s a false alarm. A local Department of Homeland Security office in Louisiana is practically begging people to stop posting it.
“You can stop forwarding that latest warning from your Facebook friends about being hacked. You weren’t. It’s bogus. And you’re just making it worse,” it says.
Why is it believable? First, because Facebook did announce a serious hack last week, one we are still learning about. At least 50 million accounts were compromised. So Facebook and hacking have been in the news.
But perhaps even more significant: Facebook impostors are a real thing. At various times, there have been many mini-epidemics of it, though I am impressed with how well Facebook seems to contain them. In the real scam, which is pretty easy to pull off, a criminal pilfers a bunch of (public) photographs from your profile, then invites a bunch of your (public) friends to connect with this new profile. In elaborate versions of this scam, the criminal eventually gets around to asking for money or something else from your friends, who are understandably confused.
How can you tell the difference between a real bout with an imposter and this current hoax? First, if a friend claims you’ve been imitated, ask to see a link to the fake profile. That’s your best test. You can also search for your name on Facebook and see what comes up. If an impostor is connected to even a few of your real friends’ profiles, the fake profile will likely appear high in your searches, even if you have a common name like Bob Sullivan.
Real impostor victims should report the fake profile to Facebook’s security folks. You do that by clicking the button that says “give feedback or report this profile” button, which is under the “…” more button on a profile page. The first option there will be “pretending to be someone…fake profile.”
This is a good time to familiarize yourself with other Facebook safety and security settings, too. Under settings, select “security and logins” and see a whole host of important settings. Click on “Where you are logged in” and make sure nothing looks strange. And while you are there, turn on two-factor authentication because…why wouldn’t you?