Clone wars: what to do about fake Facebook pages

What we learned from having our own account cloned.

By Nick Gelling

Test writer

Cloning is a technique scammers use to trick people into handing over money or personal information. It involves copying the social media presence of a trusted person or organisation, and abusing that trust.

Most commonly, the scam duplicates an individual’s account and attempts to trick their friends into sending money. If you think your friend has been cloned, report the scam to the social media platform as well as an organisation like internet safety watchdog Netsafe, and let your real friend know.

To avoid being targeted:

lock down your privacy settings so only friends see your posts
decline any friend requests from people you don't know
make your friends list private, so scammers can't target them if your account is copied.

While it’s usually personal profiles that are targeted, particularly brazen scammers sometimes try to copy the page of a popular business or organisation.

Our first-hand experience

Last week, a Facebook user with the name Consumer-nz appeared, complete with duplicated profile and cover pictures. The fraudulent account began adding New Zealanders as friends and trying to scam them by mimicking the prize pack promotion we’re currently running.

One of our members let us know, having reported the account and been told by Facebook that it was legitimate. Confused, we reported the page too, and were told the same thing:

Eventually, we were able to use contacts at Facebook to assist in having the page removed, but the average consumer won’t have those contacts. Netsafe can assist when harmful content is posted, but this leaves cloned pages in a potential enforcement gap, even though they clearly breach Facebook’s community standards.

Think twice before entering a competition

It’s no coincidence which Consumer NZ post was targeted for cloning – competitions are often imitated by scammers, because they’re an easy way to gather personal data. They also spread organically, due to people liking and sharing the post.

Netsafe has a few tips for avoiding fake social media competitions:

Investigate the profile or page. Scammers often only bother to copy one or two posts before moving on to another grift. Scroll back a little way to see if the page has more to it than just the competition post. You might even see evidence of a previous scam.
Consider if the prize is realistic. Some legitimate contests have surprisingly valuable prizes, but if a competition seems too good to be true, think twice.
Inspect the URL. If a post invites you to click through to a website to sign up, hover over the link to see if the web address matches the organisation running the competition. If it seems safe and you click through, think about whether the website looks how you’d expect too.
Don’t give away too much information. Legitimate competitions will ask for a few personal details, like a name and email address. If a form asks for more, it should be clear why – for example, a birthdate for an age-restricted competition, or an address if the prize will be delivered. Some details, like your driver licence or bank account info, are huge red flags.

When we originally announced our competition last week, I was secretly pleased to see this comment on Facebook:

It shows our followers are being thoughtful about the viral contests they’re seeing on the internet. Hopefully, that same healthy skepticism meant nobody was duped by the copycat.

Small businesses beware

If you run a Facebook page for your small business, watch out for this happening to you. Being the target of a clone can hurt your reputation and damage trust with potential customers.

Worse, there’s every chance Facebook’s algorithms will determine that the clone is harmless, like it did for us. Only, you might not have the leverage to force the issue.

Cert NZ senior incident analyst Tim Hamer said it’s harder for companies to avoid this scam.

“Unfortunately, there’s little businesses can do to stop their account being cloned as they need to operate their accounts publicly, but we would recommend businesses make their legitimate social media accounts clear by linking to them on their website and in the bio section for their other social accounts,” he said.

“It can also help to search for your business name on social media occasionally to see if there are any cloned pages and report them. And remember to let your customers know if there’s any scammers about, so they don’t fall prey."

Have you been the target of a digital scam? Contact me at nick@consumer.org.nz so we can use your story to protect others.

Member comments

Get access to comment

Get access Log in

Kas S.

20 Nov 2021

I have a Facebook page

But use it sparingly. I get annoyed when people like Consumer NZ (No offence) tell me to sign up to them on Facebook to see all the deals.... blah blah blah. I only make contact with a small amount of Friends I have on it (Just checked - 15) plus 2 community ones and that's not often. I find Facebook a total 100% scam and a shambles. The amount of people that believe everything they read on it is mind blowing not to mention the people that get scammed in buying something, worse when it's too good to be true. I've never fully completed my Profile as I don't want anyone getting the information but hay if Facebook rocks your boat then continue on and don't listen to me :-)

See 2 more comments

This field should be left blank

Was this page helpful?

Sorry, you need to have JavaScript enabled to use our website. Visit enable-javascript.com to learn how to enable JavaScript for your browser.

Or visit our Technical support page to find out how JavaScript is used on Consumer.