November 27, 2018

Were you really hacked, or is it just another Facebook hoax?

November 27, 2018

Have you received the following message on your Facebook Messenger?

"Hi....I actually got another friend request from you yesterday...which I ignored so you may want to check your account. Hold your finger on the message until the forward button appears...then hit forward and all the people you want to forward too....I had to do the people individually. Good Luck!"

If you did and felt panicked, worried, or otherwise compelled to forward the message to some or all of your friends, you were pranked. This is a known Internet hoax. It first made the rounds on Facebook in October, 2018, one month before the latest circulation.

Hoaxes like this make the rounds on social networks every month or so. They are created by teenagers, or other silly people who never grew up, who turn their hoaxes loose on their friends to see how fast and far they can spread. I call this shits and giggles hoaxes. These Facebook chain letter hoaxes are like kids playing Tag, You're It.

What gives this away as a hoax?
The person sending it to you didn't compose the message. They forwarded it after receiving it from one of their Facebook friends. The same exact message is being sent by thousands of members right now as I type this. If you see other people talking about receiving the same message, it is likely a chain letter hoax.

The message claims that you sent another friend request to the person contacting you on Messenger, "yesterday." They claim they ignored it. But now they are telling you about it, but haven't mentioned your name; they just said "Hi." In effect, they are claiming that your account has been hacked.

They ask you to hold your finger down until the forward button appears. But, most computer users don't have a touch screen. The person who created this message was using a smartphone or tablet that used touch rather than mouse actions. The entire hoax is basically targeting handheld device users.

Last, they suggest that you forward the very same message they sent to you, as is, to as many of your friends as you want, which is usually everyone on your friends list. Did you read the first line of the message? It claims that "you" sent another friend request to them. If you forward this hoax you are telling your friends that you received another friend request from each of them! This doesn't make sense unless you actually did receive another friend request from all of these friends. Your friends who actually take a minute to read every word will either think that you are telling them that their account has been cloned/hacked, or you are mistaking them for someone else, or that you have been taken in by a hoax (which is what actually happened).

If this was an actual alert from a friend about your account being cloned, wouldn't you rather tell your friends in a post on your timeline where all your friends can read it? You could then ask your friends to go to that fake profile and report it as a scam page that is claiming to be somebody that they know.

After receiving a few of these messages you and your friends should realize that it is a chain letter hoax. It's time to grow up and stop falling for and participating in chain letter hoaxes.

The bottom line is that if you do actually receive a second friend request from an existing Facebook friend, tell them about it in a private message, or call them on the phone. Some members have the habit of losing access to their accounts (forgot their password, lost the device that had the account, the old account was deactivated for some infraction, or by choice, etc.) and create new accounts. But if you didn't actually receive another friend request from one or more of your friends, please don't forward chain letter messages claiming that they did send the request!

How can you tell if your profile has been cloned or hacked?

Not withstanding the hoax that this article referred to, there are cases where Facebook members have had their accounts copied (aka, "cloned"), or hacked. Cloning happens due to lax privacy and security settings that lets other people copy your details into a new account they create in your name. Sometimes this occurs when you accept a friend request from somebody who is up to no good, or from somebody's cloned fake account. This is done by scammers who want to get access to not just you, but also your friends. Cloned accounts are used to scam people on the victim's friends list, but leave their account alone.

Hacking happens because somebody reused their Facebook account password and email address or user name on other websites that were hacked, or by someone using a password guessing program, or due to spyware (e.g., a key logger) on their computer or smart device. Usually, when someone has their Facebook account hacked, they find themselves logged out and unable to log back in. Hackers usually change the password to keep their victim from regaining access to those accounts. That is how it is.

So, a person who is notified that their friends are receiving new friend requests from them, but are still able to log into their Facebook account, and don't see any new administrators or contact names or email accounts under account details, can assume that their account has been cloned, not hacked. These folks need to tighten several privacy and security settings to prevent this from reoccurring.

The most important privacy and security settings that should be strengthened are who can see your past and present posts and who can view your friends list. Here's how to do that.

  1. On a computer using a web browser (e.g., Firefox, Chrome, Edge, Internet Explorer, Safari, Opera): while logged into your Facebook account, click on the down arrow on the far right side of the fixed position navigation bar on top of the page.
  2. A drop down menu will appear. Use your finger (touch screen only) or mouse pointer to select "Settings." The Settings menu opens on the left side.
  3. Under Security and Login, take a look at your entries and alerts about logged in devices to make sure it is all correct. Change or delete anything that is outdated or unwanted.
  4. You can change your password under the Login section.
  5. Move down and click on the menu item labeled "Privacy."
  6. The first entry on the right asks "Who can see your future posts?" Set it to: Friends.
  7. Next, for "Limit the audience for posts you've shared with friends of friends or Public?," select: LIMIT PAST POSTS.
  8. For "Who can see your friends list?" - select: Only Me.
  9. Review all other settings to ensure things are how you prefer them to be.
  10. On a smartphone, or tablet, or computer that uses the Facebook "app," press the three horizontal lines on the top right navigation bar.
  11. Scroll down to "Settings & Privacy" and tap on it.
  12. Tap on "Settings"
  13. Take a look at your "Personal Information" to make sure it is correct. Change or delete anything that is outdated or unwanted.
  14. Open the Security section to confirm or change your login or password details.
  15. Scroll on down to the "Privacy" section and tap on "Privacy Settings."
  16. Tap on "Check a few important settings" and go through those pages to firm up important security details.
  17. Move down to "Your Activity"
  18. Under "Who can see my future posts" select Friends.
  19. Under "Limit who can see your past posts" select LIMIT PAST POSTS.
  20. Under "Who can see people, Pages and lists you follow," select Only Me.
  21. Under "Who can send you friend requests" select: Friends of friends.
  22. Under "Who can see my friends list" select: Only Me.
These are my settings. They work for me. In the end you must decide what privacy and security settings work best for you and your intended audience.

Posted by Wiz at 6:42 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Blog Links

Sponsored Message

I recommend Malwarebytes to protect your computers and Android devices from malicious code attacks. Malwarebytes detects and blocks spyware, viruses and ransomware, as well as rootkits. It removes malware from an already infected device. Get an 18 month subscription to Malwarebytes here.

If you're a fan of Robert Jordan's novels, you can buy boxed sets of The Wheel Of Time, here.

As an Amazon and Google Associate, I earn commissions from qualifying purchases.

CIDR to IPv4 Address Range Utility Tool | IPAddressGuide
CIDR to IPv4 Conversion



Search


About the author
Wiz FeinbergWiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security. Wizcrafts Computer Services was established in 1996.

I produce this blog and website at my own expense. If you find this information valuable please consider making a donation via PayPal.

Follow @Wizcrafts on Twitter, where I post short updates on security issues, spam trends and things that just eat at my craw.

Follow Wizcrafts on Twitter

Malwarebytes' Anti-Malware is the most frequently recommended malware removal tool in malware removal forums, like Bleeping Computers. It is extremely effective for removing fake/rogue security alerts, Bots, Spyware and the most prevalent and current malware threats in the wild. Learn about Malwarebytes Anti-Malware.

MailWasher Pro is an effective spam filter that protects your desktop email client. Using a combination of blacklists and built-in and user configurable filters, MailWasher Pro recognizes and deletes spam before you download it. MailWasher Pro reveals the actual URL of any links in a message, which protects you from most Phishing scams. Try it free for 30 days.

Categories

Tag Cloud

Recent Posts

Popular Posts

Archives

Subscribe to this blog's feed
Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
Powered by Movable Type

back to top ^