Firstly, your friends are more likely to notice it's a scam because they're still connected to your legitimate account. Second, if this does happen to you and you've deleted your account, you can't report it to Facebook. Reporting this issue to Facebook requires either:
1) You (the victim) report the cloned account from the legit account. Or;
2) One of your friends reports it but they must select the victim from their list of friends.
Can't do either if your account is deleted.
That being said, I followed their process for several clients and Facebook refused to do anything about it.
This really isn't true. Remember that FB has many, many users and (presumably) many, many scammers, so one would expect to see lots of scams.
I too get those (messages lately) friend requests, and almost always by the time I read the message the account has been deactivated (when it says FB user).
So, overall, I think they're doing a reasonably good job on this particular problem.
Which, amusingly, is a Facebook spammer strategy — clone someone's account, including profile picture. So even if you delete your account, there may be a spammer clone that shows up in CBP's database.
> But only 24 hours later they've disabled my account because of "security concerns", without notice and now I'm waiting on their support to reply after I've sent them my picture for validation.
I'm not a Facebook's biggest fan, but I think this is a valid security concern (I'm assuming you used the same name as your initial account). Cloning FB accounts and impersonation is a valid threat vector for getting inside someone's network: when accepting friend-requests, most people don't double check if they are already friends with the purported requester.
Counter-anecdote: I've reported quite a number of accounts that have tried to add me and Facebook will now tell you when they remove a fake account. It gives some small incentive to report the profiles.
This seems to be becoming more common, and Facebook as far as I can tell has no active process for it.
A professor I know had a phisher create a duplicate profile with the information/photo cloned from his, who then sent friend requests to all his friends, which a bunch of people reflexively accepted thinking maybe he got a new profile or something. Then people (esp. people over 30) were really confused over the next two weeks or so about which profile was the real one and which was the fake one, though I don't think anybody fell for the phishing scam. To avoid getting the messages the phisher started sending, some people just defriended both profiles!
Facebook didn't respond even after dozens of people clicked the report-this-profile button. Eventually it got taken down only when a friend-of-a-friend of his who works at Facebook promised to pass on the information to the right person.
I have the opposite problem: there are more and more profiles on Facebook and Instagram that impersonate me in order to scam people. However, Facebook does not delete them even after having the profile reported by multiple times by different friends. This week, scammers even setup a fake Instagram profile to impersonate my mother! It's still online despite having been reported by half my family...
And a lot of other fake accounts don't get deleted. FB doens't really care about the detailed information about their users, as long as they advertisers keep sending them money. Don't mix up what FB says they want, and what they actually want.
Facebook has a similar problem. They’ve known about it for more than a decade…it was probably reported long before I reported it, but I first saw and reported in in 2008. But recently a friend of my mom was taken for $1000, so they’ve obviously not taken the simple steps necessary to prevent it.
The scam is basically to find someone with a lot of friends and copy their profile, pictures and all. Once they’ve done that, they reconnect and have an emergency that requires the friend send money. People naturally see the profile photo and name and think their friend is in real trouble.
With all of Facebook’s efforts to de-anonymize users, how is it possible that they’ve done nothing to prevent foreign scanners from blatantly copying accounts?
I think in Facebook's case it has more to do with having highly detailed information about their users, which fakes go against. Anyway, a lot of fake accounts get deleted quickly, as mentioned in the article (and I've observed this myself, as obviously fake profiles I've gotten friend requests from usually end up deleted in a day or two).
> Facebooks creates false endorsements for products from you to your friends without revealing this to you.
Not sure anything guarantees they'll stop doing this after you delete your account.. They knew your name before you created it, and they'll know it after you close it.
They provided false credentials. The account is yours.
I did this once when someone created a Facebook account using my address. I let it go for a year and then did a password reset and deletion. At the time there was no requirement for email verification so the account was fully functional. Again, this is Facebook's responsibility to verify new accounts. A confirmation email link is last century's technology.
Moreover, what happens if this doppelganger is committing crimes via said account and investigators track you down from the email. It is in your best interest to eliminate these accounts. Kindly explaining the situation to non-existent customer support will get you nowhere.
I don't think that's true. They don't have time to police billions of facebook accounts for 'normal' behavior. I'll friend a few random people. In the super unlikely worst case I'm out $300 but probably so is FB. It's in their interests to collect data and sell it under the fake name I gave. Only if I explicitly state to them the name is fake do they lose out. They don't ask and I won't tell and the advertisers will purchase shit. Win, win, win.
I'm glad others are digging into this. It's a fairly common problem. I had to deal with my with my deceased friend's account being hijacked by a 'bait' account a few months ago. Facebook seemed fairly indifferent to the issue.
Maybe Twitter does but Facebook doesn't. That's why in the article they talk about how scammers are very eager to get the conversation off Facebook before the account is deleted.
There are spam accounts generated that appear to be the real person you already know.
Often actual people either lose their FB accounts because they forgot their password, lost the email associated or the 2FA etc... or they closed the account down.
Then real people open another account and re-connect to their old friend groups.
Spammers mimic this behaviour by replicating peoples accounts and then sending out new friends requests that appear to be from someone you know.
Once you accept the spammers friend request they begin to send you malware phishing links and so on.
I'm sure there are other scams around this I havent heard of! :-)
They already active remove fake accounts. I've had some of my fake accounts closed down. In my case they were only fake because a service required I log-in with Facebook, and I don't want everything and anything associated with my main facebook account.
Firstly, your friends are more likely to notice it's a scam because they're still connected to your legitimate account. Second, if this does happen to you and you've deleted your account, you can't report it to Facebook. Reporting this issue to Facebook requires either:
1) You (the victim) report the cloned account from the legit account. Or; 2) One of your friends reports it but they must select the victim from their list of friends.
Can't do either if your account is deleted.
That being said, I followed their process for several clients and Facebook refused to do anything about it.
reply