Make your Friend list private to avoid Facebook account cloning

The risk associated with a cloned Facebook account is primarily to your friends, not to you.
Photo of Facebook profile outline

“You may have been hacked. I have a friend request from you.”

Facebook account cloning is a social media scam that has been around for many years, and yet Facebook users are still vulnerable. Why? Because their Friend list is public.

How the scam works

The scammer targets an individual on Facebook whose Friend list is public, copies the individual’s profile and cover photo and then sets up a “clone” Facebook account using those photos and any other publicly available information from the original account. Remember, your profile and cover photo as well as your username can be viewed by everyone on Facebook.

After setting up the account, the clever cloner then sends friend requests to individuals in your Friend list. The people who friend the clone may then be susceptible to identity theft, malicious website links and phishing scams, such as the “friend in crisis, please send cash fast” one. People often accept clone friend requests because they are not sure if they originally friended a particular individual, or they may think that individual unfriended them and wants to be friends again.

The risk associated with a cloned Facebook account is primarily to your friends not to you. It is not accurate to say that your account has been hacked; instead let friends know that you are being impersonated. Your Facebook account is secure, but your friends are not.

How to avoid being cloned

By default everyone can see your Friend list in Facebook. But it’s easy to change.

  1. Go to your Profile Page, and click on the Friends tab.
  2. Then click on the “pencil” in the right corner and select “Edit Privacy.”
  3. Change “Who can see your friends list?” to Only Me.
  4. Change “Who can see the people, Pages and lists you follow?” to Only Me.

Facebook Friend Privacy Setting






Friends can still see mutual friends when they visit your profile but not your entire friend list. Since your friends also control who can see their friendships on their own profiles, share this information and recommend that they make their Friend list private.

How to catch clones

  • Check for authenticity. Cloned accounts often have misspellings or grammatical errors or posts that are uncharacteristic for a Facebook friend.
  • Go old school and call. Not sure why a Facebook friend is requesting your friendship again? Contact them outside of Facebook and ask.
  • Exercise caution with all friend requests. Scammers count on our desire to expand our connections through social networking. Ask yourself if connecting on Facebook will enhance an existing relationship or renew an old one before accepting a request.
  • Report cloned accounts. When you become aware of a cloned account, let your Facebook Friend know and report the account. The more reports that Facebook gets on a cloned account, the more likely they will take down the account quickly.

MORE: Check out these eight tips for a safe and secure social networking experience.

It’s inaccurate to post that you’ve been “hacked” because you’ve actually been cloned.

Related Posts