Beware of Cloned Accounts

lifetipsA Facebook Example

In this Life Tip, I’m going to share a warning about cloned accounts (also known as spoofing).  Since you obviously use a computer, or you wouldn’t be reading this, you may have an account on Facebook. Over 1 billion people do.  I am one of them and I enjoy it very much. Recently, I was victimized by a cloned account on Facebook. It caused me a lot of extra work and frustration to fix it. Learn from my experience so you can avoid the problem I had.

A few months ago one of my friends had her Facebook page cloned by a spammer.  Well, Spammer was able to access her page (it was a public account with no security settings). He copied her profile picture and a few others and created a new Facebook account with her name. Since there were no security settings, Spammer sent out friend requests to all her friends, including me.

I accepted thinking that she accidentally removed me from her friend list (it happens). Once I accepted, Spammer had access to all my friends and also my email address. Within minutes I started to have a funny feeling inside about accepting that request. I looked at my Friends List and my friend was now on the list twice. I opened the new one, clicked “unfriend” and reported the site as a spoof or clone. But too late. Sponer had my email address.

Tidal Wave of Bounced Mail

A few days later I started getting dozens of bounced emails returned to my account. Spammer used the names of people who knew each other. He probably mined them from Facebook accounts he got into. So he started sending out emails with valid names but my email address to promote his junk websites. They all read something like this:

Hi Bob.  How are you? Hey, this site is really great! Check it out!  -Jane 

In this example, Spammer put Jane’s full name in the FROM line of the email. He uses my email address, not Jane’s as the sent from address. This makes it look like a friendly email. If it was sent from then Bob probably would recognize it as spam and not pay any attention to it. But because Jane Smith’s name is on it as the sender, Bob probably did not even notice my email address, so he reads the note and clicks the site. Many times people like Bob will even respond to the email with a personal message.

Hi Jane. I’m doing really well. The kids are off to school. I have some quiet time this morning. I’m gonna cut the grass later. Dad is going to have surgery the 25th. How are you? Great to hear from you. I checked the site. Do you think I’m fat??  – Bob

Or maybe there will be a response like this:

Jane, is this spam? Have you been hacked?  – Bob

My Pain is Your Gain

So what has this situation done to me that could happen to you?

  • I receive dozens of bounced emails every day. Many of the addresses Sponer uses are no longer valid. He may also be using my address to send out other emails to people he has accumulated illegally from other lists. 
  • I have to delete all these. I can’t block them because it’s my email address. If I block it then I won’t get BCC copies of emails I send out or other things I send out that reply to me.
  • Out of respect for the other victims, I respond to any that ask if it is spam or gives a personal answer to the email, thinking they are mailing the response to their friend. Jane doesn’t get Bob’s response, I do. It’s my email address.
  • I was tagged as a spammer. My personal email address was attached to hundreds of spam messages. That stinks because I paid for that account.

Prevention is the Key

How can you take precautions against this?

  • If you get a friend request from someone you are already friends with, check to see if they still have their original page. If they do, the new one is probably a clone. Message them on their OLD page to see if they started a new page. Don’t accept the friend request until you know it’s your real friend. Once you click yes they have access to your personal information, email and all your friends.
  • When you get a friend request from anyone, click on their name and look at their account page before you accept it. So, if there are no posts on it, or just a few, the person is probably phishing for new contacts to spam or scam you. It’s really important that you do this if you don’t know the person sending the request.
  • Another important tip is to set your Facebook security settings to make your personal information invisible to the public! You should do that with your photos and your friends list too. Do you want total strangers looking at pictures of your children, your wife, your home? It’s not wise to have an open profile. Get a link to help with this below.
  • You should set your friends list in the security settings so no one can see it but you. Just click on “Only Me”. Why should your friends be able to see who your friends are? If you want to connect somebody with one of your friends tell them in a private message to send a friend request to that person. When people have access to someone’s friends, they can usually access their personal information, unless they are wise enough to lock down their account like I do.
  • Keep your best email address only for trusted contacts. (i.e. your bank, your creditors, your personal friends). Also, don’t use it in public, like on Facebook, Google+, Twitter or any other social site. Furthermore, don’t use it to order general merchandise online either. If you use email addresses from Gmail, Yahoo, or some other free service then you can easily delete the compromised account and open a new one. 

A Great Recommendation for You

My profile has been private for a long time, but I changed my who can see your friends to “only me” recently. Kim Komando, who has a national talk show about all things digital, has a free daily newsletter and she recommended that recently. I highly recommend her to you as a digital watchdog and tech advisor. She has an awesome website.

In addition, you can also like Facecrooks on Facebook and receive updates about things that can damage you or your Facebook account. They also have a website. Here are some step by step instructions for locking down your Facebook account for maximum privacy and security. You need to do this. Don’t be lazy. Be wise.

So watch out for cloned accounts. They can cause you a lot of grief and could potentially compromise your identity and personal information.

So that’s my first Life Tip. Hope it benefits you. Just remember, there won’t be any benefit unless you actually do it. Reading alone doesn’t change anything.

If you like this post please share it with your friends on social media by clicking one of the links below. Help me get the word out. Thanks.


Print Friendly, PDF & Email

Author: Randy Hartwig

I am a Christ follower. My adventure with Him started in 1971. I have served Him as a pastor, teacher, worship leader, Business Administrator, and author. He is my Rock, my Light, my Lord, and my Savior. My life was incomplete until I encountered Him.