Were You Hacked?

By Scott Hamilton

Senior Expert Emerging Technologies

I have been noticing a lot of connections on Facebook claiming that they have been “hacked,” and saying “Do not accept a friend request from me.” This prompted me to write this week on the topic of Facebook security and issues with account hacking.

There is a very large misunderstanding. There are three ways your Facebook account is at risk and I will cover them from the most likely method to the least likely method so that you will have an understanding of what exactly is going on when your Facebook is hacked.

The most frequent method that makes general users believe their Facebook has been hacked is when they are notified by a friend, “I received a friend request from you, you have been hacked.” In fact, this is a false statement; your Facebook account has not been hacked. The hacker does not have access to any of your private Facebook data; they have simply gathered all your public information and “cloned” your Facebook account. The account that has been cloned is actually under no danger at all; changing your password, profile picture, etc., is not necessary and actually does no good at all.

Cloning works like this, A stranger gets on Facebook and finds your public profile. If you want to see your public profile, open an incognito window on Google Chrome, or New Private Window, and go to www.facebook.com, then search for your name. You will see all the information that anyone in the world can see about your account. You will be shocked at how much is public. The stranger then takes this information to create a new Facebook Profile using your public information so they look just like you on Facebook.

The next step in this “cloning hack” is to send friend requests to all your friends, slowly, over time. The real attack begins when your friend accepts this fake request. While you are still logged out of Facebook, go look at a friend’s page and then login and look again. You will see that there is much more information available on pages of friends, for example phone numbers, e-mail addresses, physical address and full access to their friend list. It is your friend who accepts the request that is really the one being hacked. So never accept a friend request from someone who is already your friend on Facebook, unless they have personally told you they created a new account. Accepting a fake friend request is the second way to be hacked on Facebook.

The third and least likely way is that someone manages to steal your Facebook password. In this case, they are actually “you” as far as Facebook, the internet and all your friends are concerned. This one is the most dangerous in the fact that if you shop in marketplace and store credit cards, they can make purchases on your account and even send themselves money on Facebook. This is highly unlikely to occur, but you will know if it happened because Facebook notifies you of logins from unknown devices. If you see an email asking if you logged in to a new device and you have not, change your password immediately.

Until next week stay safe and learn something new.

Scott Hamilton is a Senior Expert in Emerging Technologies at ATOS and can be reached with questions and comments via email to shamilton@techshepherd.org or through his website at https://www.techshepherd.org. You can also follow his channel on rumble at https://rumble.com/c/c-1141721.