The Facebook Fraudster’s New Strategy: Friend, Fraud, then Forget – How to Protect Yourself

A common Facebook social engineering or fraud tactic is to pick someone with friends you want to target, copy their Facebook profile entirely, and then start friending their friends one by one, until your new profile looks completely authentic. In the past, it was easy to get rid of these fraudsters by just reporting their account (click on the “…” in the upper-right of their profile, and then click “report”). But they’ve gotten smarter. Once the fraudsters realize you’re onto them they now block you, and you can’t access that account to report them any more – this is a flaw in Facebook’s system that I think needs to be fixed.

The problem happened with a distant cousin of mine. I received a friend request from him, and I had forgotten I even friended him. I’ve also had it happen with a few friends of mine where I had just thought they unfriended me and were changing their minds. Out of habit, I accepted the friend request, and immediately the fraudster (go report him!) messaged me as my cousin. He started asking me about some sort of military retirement plan – my grandfather, who served in the military, has the same name as me so I thought my cousin was just mixing me up with him.

Before I knew it, I realized it wasn’t the real cousin of mine. A quick look at the profile of the individual I was talking to confirmed such (there was only one update on their profile), and I called him out on it. Next thing I know, as I was just about to report it, the profile is gone – I thought it was a success and Facebook had discovered the impostor. I was wrong!

It turns out Facebook has a flaw where fraudsters like this can block you, removing your ability entirely to report them, and making it even harder for Facebook to identify these fraudulent accounts. He’s now harassing other family members of mine, the ones that don’t know how to report him. It’s actually a pretty smart move for a social engineer. So how do you protect yourself?

There a couple things you can do first, to protect yourself, and second to report these individuals:

  1. Don’t friend people you don’t know in real life! If you want others to follow you, go to your “Friends” page (see instructions in step 2), and click on “Followers”, then enable the follow button there. You can then use Facebook privacy on your posts to enable some posts as public for your followers and others just for your friends. The fraudster may not even be someone you know, and this is an easy tactic for social engineers to gradually get control of your profile, your Facebook Pages, or even your money. They just have to make you think they’re your friend!
  2. Mark your friend list to only be visible by a specific Facebook list you’ve identified as “trusted”. This is tricky, because it’s not in the normal Facebook privacy settings. You can do this by going to your Facebook profile (click on your name in the upper-right), and then clicking on the “Friends” link to take you to your list of Facebook friends. In the upper-right of that, click on the little pencil/edit icon, and select “edit privacy”. Now you’ll be given the option to select who can see your list of friends – in this area you want to select either just your friends, or get even narrower with a list of “close friends” you trust even more. When you’re in my friends list, you’re protected. You should protect your friends too.
  3. If you’ve previously friended the individual friending you before, look back at their profile to see how many posts they have. Usually the impostors only have one or two posts. They may have the same friends though. Also, search for the friend, and you’ll now see 2 profiles. Don’t accept this individual’s friend request! And that brings us to my final suggestion.
  4. Report the individual! Assuming they don’t block you, you can do this very easily by going to their profile, clicking the “…” in the upper-right, and then select “Report”. Select the appropriate categories and make sure you check the box to report to Facebook. The more of these Facebook receives, the faster the impostor will go away. Get all your friends to do this – it works!

    If the individual has blocked you, it’s not as easy (and something Facebook really needs a better solution for if you ask me). It took me about 5 clicks to finally find the form using Google Search (and good luck finding it directly on Facebook). Just go to this link, fill out the form, and they’ll be reported:

Unfortunately, there are many of these fraudsters that get away with what they’re doing, constantly harassing individuals and their friends because they don’t know how to get rid of them. Many older individuals end up just removing their Facebook accounts. Some go to the extent of removing all their Facebook account and opening a new one, erasing years of history with the individual.
Facebook really needs better solutions around this, but for now I hope this article can help you. Oh, and if you get a chance, go report this fraudulent profile for my cousin!:

Published by


Jesse Stay has been a pioneer in the space of social media marketing since before it was called "social media marketing". Originally a software developer, Jesse built a tool called which helped brands like Pepsi, Brittany Spears, and MC Hammer grow their social media presence, and before he knew it brands were coming to him for help to grow their presence in very unique ways. His tool was featured on almost every tech blog and even mainstream news sites like New York Times, Techcrunch, and Mashable. Jesse also spent a brief period working FOR Facebook, Inc., helping them to build out their documentation to help companies integrate Facebook Connect into their websites and mobile apps. Jesse took his skills and helped the LDS Church kick off most of its social media programs. While there he helped launch the award-winning "I'm a Mormon" marketing campaign with global reach worldwide in the millions of views and followers. Jesse established new global programs at the Church to further grow its reach amongst both members and non-members of the Church, working with every department of the Church, also including entities like the Mormon Tabernacle Choir and Brigham Young University. He also helped the Church navigate its voice and presence during the Mitt Romney Presidential campaign due to the significant attention the Church was getting at the time. He established the social media advertising techniques and strategies employed at Deseret Digital Media growing over 20 million fans across their news properties in just 6 months, and was featured on AdWeek for his success. As founder and Principal of Stay N Alive, Jesse has developed very unique techniques in social media advertising to help organizations grow presences, within months on minimal budgets, into hundreds of thousands of highly relevant and engaging fans and followers. He designed and teaches social media advertising at LDS Business College. He has helped grow sales, and has a belief that yes, you CAN measure social! Jesse has been featured as one of 10 entrepreneurs to follow on Twitter (next to Biz Stone and Ev Williams, founders of Twitter) by Entrepreneur magazine. Jesse has written 9 books on the topic of social media marketing and development, including Google+ Marketing For Dummies and Facebook All In One For Dummies, and eats, lives, and drinks social media with a personal combined presence of over 600,000 followers on his personal social profiles.

0 thoughts on “The Facebook Fraudster’s New Strategy: Friend, Fraud, then Forget – How to Protect Yourself”

Leave a Reply

Your email address will not be published. Required fields are marked *