There’s always a low buzz on social media about account “hacking”, where unknown individuals are able to get ahold of account login information and post things or take data without permission. What people usually notice is that friends that they already know they are ‘friends’ with are sending them weird messages and friend requests. They assume that someone has taken control of their account and is using it to spread viruses or scam people. While changing your password to your account every once in a while is a great idea, what we have found is that what actually happens is a different kind of sinister.

Most of the time, the actors behind these “hacks” really only want one thing: your personal information, not your friends’. Whether it just for extremely specific advertisement targeting or ways to get into your more valuable accounts, they usually don’t care about having actual access to your Facebook account. This is where Facebook account duplication comes in. The weird friend requests don’t actually come from your friend’s account, but from someone who has carefully scraped all of the information and pictures from their account and copied it into an account of their making. When your friend has a public friend list, they can then send requests to everyone on that list, hoping to become friends with someone with a more private account in order to gain access to the information they’ve made private, as well as send scam messages and malicious links. It then becomes like a virus, repeating the process and slowly gaining viewership to other private accounts, despite our carefully chosen privacy settings.

So, while your friend’s account is not in immediate danger, we must still be vigilant in our activities on Facebook. What if we don’t notice any differences in the two accounts? What if we just assume they unfriended us (something we are not notified of), then wanted to be friends again? We must be careful about the requests we accept and the links we click on. It is always better to double check with our friend list to see if they are already there, or message them a different way to verify that they sent it to us. There are things we can do to protect our own account from being used this way, such as keeping any information we would not like being used off of our account, even if they have a place to provide it. There is always a balance between privacy and convenience. Is it easier for people to find you and interact with you when your account is public? Definitely. What would be the point of having an account where nobody can see anything you post or can’t tell if it’s actually you? That is why we must take greater care in choosing what to put in such a public place. Even without active hackers, phone numbers that Facebook said were private were leaked to the internet. We must be careful about where we put our information and how much we trust those who want it. Don’t be the next link in a chain of copied accounts.