A viral hoax is spreading across Facebook, prompting officials to warn against heeding the fake messages about cloned accounts.
The message says, “”Hi….I actually got another friend request from you yesterday…which I ignored so you may want to check your account.” It then asks the recipient to forward the message to all their friends, an instruction that causes the hoax to spread even farther, officials said.
Here is the verbatim message that a staff member received via Messenger:
Heads-up!! Almost every account is being cloned. Your picture and your name are used to create a new face book account (they don’t need your password to do this this). They want your friends to add them to their Facebook account. Your friends will think that it’s you and accept your request. From that point on they can write what they want under your name. I have NO plans to open a new account. Please DO NOT accept a 2nd friend request from “me”. please forward to all your contacts
While cloned accounts can be an issue — when fraudsters set up fake accounts using a real person’s name — there isn’t a current epidemic, as the hoax message suggests, according to CBS Philly. The hoax works by suggesting an account has been cloned, even when it hasn’t, prompting worried users to spread the message to all their friends.
“Your account isn’t sending duplicate friend requests. And you didn’t receive a request from the person you’re forwarding it to,” officials in Louisiana warned in a public service messageon Facebook. “You’re simply doing it because the message tells you to.”
Facebook has not yet replied to a request for comment.
The cloned account hoax comes after Facebook reported a security breach in which 50 million user accounts were accessed by hackers exploiting a bug that affected its popular “View As” feature. Another 40 million user accounts were at risk from the security flaw before Facebook took steps to protect them, the company said last month.
The security bug would let attackers steal “access tokens,” which are digital keys that Facebook uses to keep people logged in. Attackers could “seize control” of user accounts through the access tokens, Facebook said.
