When jumping to conclusions leads you astray.
Don’t accept any friend requests from me, my account has been hacked!
We’ve all seen that one on Facebook. Someone got reports of friend requests they didn’t send, so they post a message to all their friends that they’ve been hacked.
Seems plausible, right?
Except it’s not. It’s exactly and completely wrong.
Their account was never hacked.
Become a Patron of Ask Leo! and go ad-free!
Friend requests don't indicate a hack
You can’t friend request your existing friends. Any friend requests they see are from other, very likely fake, impersonation accounts. The right thing to do is to report the fake accounts to Facebook. Hackers seem to use this technique to eventually impersonate you and attempt to scam your friends.
You can’t friend your friends
It’s pretty simple: if someone is already your friend on Facebook, you can’t send them another friend request. That would be redundant because they’re already your friend.
If the only symptom is that some of your (already) friends on Facebook are asking you why you sent them a friend request, it’s extremely unlikely that your account has been hacked.
Your account wasn’t even involved.
Change your password if you like, but telling all your friends “I’ve been hacked” is … well, actually it’s kind of embarrassing. You haven’t been.
This is something else.
You’ve been impersonated
What’s significantly more likely to have happened is this:
- Someone created a new Facebook account.
- They used your name. (NOT your email address, just your name.)
- They stole photos of you and used those photos in the account.
- They examined your public posts or profile to determine who your friends are.
- They then sent those friends new friend requests from this new, fake account.
Other than the person viewing your photos and friends, your account was never involved.
Most importantly, your account was never compromised.
So, what do you do about it?
Report impersonation accounts
You, or your friends receiving these friend requests, should go to the account in question and report it to Facebook.
Make sure that your friends report the impersonator, not you.
Or you can tell your friends to simply ignore the friend requests because you’re already friends. Those requests are coming from a fake account.
Why do some people try to create these fake accounts and connect with your friends?
My theory is that it’s to prepare for scams and abuse to come.
Perhaps sometime in the future, after you’ve all forgotten about this, they’ll reach out to their “friends” (your friends they fooled into connecting with them), pretending to be you, and ask them for something. Usually, it’s some form of scam.
While that’s annoying, it’s not on you. Your account had nothing to do with it, and you have not been hacked.