To start, don’t jump to conclusions.
Don’t accept any friend requests from me, my account has been hacked!
We’ve all seen that one on Facebook. Someone got reports of friend requests they didn’t send, so they post a message to all their friends that they’ve been hacked.
No, you have not been hacked. Not at all. This is a sign of something else completely. Something completely out of your control.
But, indeed, your friends should not accept more friend requests from you. Because it’s not you.
Become a Patron of Ask Leo! and go ad-free!
Friend requests don't indicate a hack
You can’t friend request your existing friends. Any friend requests your friends see are from impersonation accounts. Your friends should not accept the friend requests, and report the fake accounts to Facebook. Hackers seem to use this technique to eventually impersonate you and attempt to scam your friends.
You can’t friend your friends
It’s pretty simple: if someone is already your friend on Facebook, you can’t send them another friend request. That would be redundant because they’re already your friend.
If the only symptom is that some of your (already) friends on Facebook are asking you why you sent them a friend request, it’s extremely unlikely that your account has been hacked.
Your account wasn’t even involved.
Change your password if you like, but telling all your friends “I’ve been hacked” is … well, actually it’s kind of embarrassing. You haven’t been.
This is something else.
You’ve been impersonated
What’s more likely to have happened is this:
- Someone created a new, fake, Facebook account.
- They used your name. (NOT your email address, just your name.)
- They stole photos from your account and uploaded them to the fake account.
- They stole your profile photo and set it as the profile photo for this fake account.
- They examined your public posts or profile to determine who your friends are.
- They sent those friends new friend requests from this fake account.
Other than viewing your photos and friends, your account was never involved.
Most importantly, your account was never compromised.
So, what do you do about it?
Report impersonation accounts
You, or your friends receiving these friend requests, should go to the account in question and report it to Facebook.
Make sure that your friends report the impersonator, not you.
Or you can tell your friends to simply ignore the friend requests because you’re already friends. Those requests are coming from a fake account.
Why?
Why do some people try to create these fake accounts and connect with your friends?
My theory is that it’s to prepare for scams and abuse to come.
Perhaps sometime in the future, after you’ve all forgotten about this, they’ll use the fake account to reach out to their “friends” (your friends they fooled into connecting with the fake account), pretending to be you, and ask them for something. Usually, it’s some form of scam.
While that’s annoying, it’s not on you. Your account had nothing to do with it, and you have not been hacked.
Do this
Stay vigilant, of course. Make sure your account is secured properly with a strong password, two-factor authentication, and that you’ve kept all the recovery information up to date.
But that’s just good security, and won’t stop these impersonation attacks. Those are out of your control.
What’s most important is to recognize them for what they are, not panic, and just report the fake account.
Stay on top of the latest scams, and how to avoid them. Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
best thing one can do is in “who can see my friends list” put it on “only me”.
Yes.
In some cases, it can be the result of a different kind of hack. If you play a game or a quiz, you usually are asked to give them access to your Friends’ list. They can then send friend requests from the fake account to all of your friends, although it’s probably more common for the hackers to spam the people on the lists they hack.
Hmmm, my neighbor is locked out of her account and can’t get back in because her password was changed, but not by her. She’s lost all access to her pictures and it is breaking her heart. Facebook help has not helped because she did not set up two-factor authentication or choose “trusted friends” that could be contacted. If you have a suggestion as to how she can get back into her page, I would greatly appreciate it. She only found out that she was locked out of her account because her friends started receiving duplicate friend requests.
Duplicate friend requests are not a sign of a hacked account. (As the article above explains.)
However, it does sound like your friend’s account has been compromised. The ONLY solution I’m aware of is to follow the Facebook account recovery process, carefully and completely. That’s this article: How Do I Recover My Hacked Facebook Account?
You never answered the question that this thing is titled. A duplicate account was created and reported to Facebook and they came back and said that person is not trying to impersonate my friend. How they came up with their conclusion I have no idea because the duplicate account is sending out messenger to his friends list. It is the duplicate account so how do we get them to fix that.
You did the only thing possible: report it to Facebook.
Facebook’s software is a mess. Apparently, they see no need to improve it as it does what they want: make them billions of $$$.
Funny thing, I just got a fake request from a friend today and a few minutes later a comment I was reviewing linked here. It must be my new brain implant ;-)