It reads something like this:
“Hi....I actually got another friend request from you which I ignored so you may want to check your account. Hold your finger on the message until the forward button appears...then hit forward and all the people you want to forward too....I had to do the people individually. PLEASE DO NOT ACCEPT A NEW friendship FROM ME AT THIS TIME.”
Should you be worried? Well, we have some good news and bad news. The good news is: Chances are, you were not hacked if you received this message, nor are you being impersonated on Facebook, and no fraudulent friend requests got sent. The whole thing is a viral hoax. The bad news is: People are falling for yet another copy/paste hoax on Facebook, a website with a long history of them.
Snopes, the fact-checking site, explains that the hoax appears to reference fears about “cloned” Facebook accounts, where would-be scammers copy the name, profile picture, and basic information from a real account to create a second, nearly identical account on Facebook. Then, they send a bunch of friend requests to the original account’s friend list, to try to scam the person’s unsuspecting friends into granting access to their personal information by accepting the request.
A Facebook spokesperson said in an emailed statement that the company had “heard that some people are seeing posts or messages about accounts being cloned on Facebook,” messages that they likened to a chain letter or email. Although account cloning is a real thing, the volume of messages spreading across Facebook don’t reflect any actual spike in cloned accounts on the service.
If you got one of those messages, there are a couple of things you can do: First, check on your friend’s account and make sure it’s not a clone of their real account (if you search their name and find two completely identical accounts, that’s a pretty good sign that one is a clone). And if you were messaged by a “clone” of your friend, then report that account to Facebook -- cloned accounts violate Facebook’s Community Standards.
But, based on a small sampling of my friends and colleagues, most people sending and getting these messages are likely real people, using their real accounts. The hoax is spreading to you on the winds of good intentions. In that case, simply ignore the message.
Still, what’s strange is that people are (perhaps absentmindedly) sharing a message that includes the words “I actually got another friend request from you,” even when they received no such fraudulent friend request.
Alarming, urgent messages have a way of going viral on Facebook, despite whether they are true. The messages are essentially the next generation of chain letters, purporting to provide important information — and dire consequences if not shared by the recipient. Earlier this year, a hoax claiming Facebook was about to restrict your news feed to 26 friends went viral thanks to well-intentioned users who copied and pasted the disturbing “news” to their own feeds. And there’s the immortal copyright hoax. You know the one: the paragraph of legal-sounding text that people post to their Facebook feeds in a misguided attempt to prevent Facebook from taking over the copyright to everything they post.
These messages tend to go viral by tapping into real fears about the power of Facebook. The copyright hoax is, in part, a meme about what we post to social media, and what those companies do with that information. The 26 friends hoax came as Facebook announced some major changes to how it picked which posts to display in your news feed, leading to a lot of speculation and anxiety about how the company’s algorithms choose what you see.
Similarly, the “you’ve been hacked” hoax spread in the wake of some real news about Facebook security: that tens of millions of accounts were compromised by a massive hack. As my colleague Brian Fung reported, users who were affected by that hack were forced to log out of their accounts as a security measure. Facebook also placed a message at the top of the news feed explaining what happened to the 50 million users whose information was compromised. That message was real.
This post has been updated.