We may earn commissions when you buy from links on our site. Why you can trust us.

Facebook Account Cloning: How to Spot It and Stop It

by Elizabeth Harper on February 11, 2026

Additional reporting by Palash Volviokar

Facebook account cloning is a simple scam, but it's getting harder to spot. A scammer will create a copy of your real account, using your Facebook profile photo and other public information, to trick your friends with scams or spam that appear to be from someone they know and trust. A cloned account may convince your friends to send money, collect passwords or other information, or spam them with posts and messages for sketchy sites. For example, the cloned account could message your friend saying they need cash to handle an emergency, like being mugged and needing funds to get back home.

What makes this trickier now is that scammers are using AI tools to mimic your writing style, pulling details from your public posts to craft messages that actually sound like you. The old-school "I need cash" message is still common, but the newer AI-assisted versions can reference things you've talked about publicly, making them far more convincing.

You may think your friends are too smart to fall for a scam like that, but because these requests come from you, they may respond without thinking. That's why I recommend double-checking any new Friend requests from people you're already Friends with on Facebook before accepting. If you're friends in real life, they won't mind you contacting them outside of Facebook to confirm.

The good news is that account cloning isn't a hack or an exploit. Your Facebook password is still safe, and your account hasn't been compromised. But being the source of scams and spam for your friends is probably not the position you want to be in. So, I have advice for how to tell if your account has been cloned and, more importantly, how to prevent it from being cloned in the first place.

How do I know if my Facebook account has been cloned?

You can search Facebook for your name to see if there are other accounts pretending to be you, but this often isn't very helpful. Someone else on Facebook likely legitimately shares your name. While you can do this to look for duplicates, not every result will be someone maliciously cloning your account. Scammers are also clever enough to block your real account from seeing the cloned account, so you can't find and report it.

One newer tactic to watch for: cloners are exploiting Facebook's additional profiles feature, which lets users create up to four sub-profiles per account. A scammer could pose as your "professional" or "hobby" alt-profile, giving a plausible reason for a duplicate friend request. If a friend receives a request from what appears to be a secondary profile of yours, they're more likely to accept it without question.

There's also an emerging threat worth keeping an eye on. AI voice cloning has been used in phone scams for a while now, and it's starting to creep toward Messenger voice notes. It's not widespread in Facebook cloning specifically yet, but the technology is there, and it's something to be aware of going forward.

You're far more likely to discover your account has been cloned after the fact. Before a cloner can scam your friends, they have to send a friend request from the cloned account, which can set off red flags for the security-savvy. If your friends accept the friend request without thinking, they'll start receiving messages that may not sound like you. When a friend tells you they've received a friend request or a suspicious message, it could be a sign that your account has been cloned.

For context, Meta removed 10 million fake profiles in the first half of 2025 alone, so this is not a small problem.

What should I do if my Facebook account has been cloned?

Facebook doesn't allow accounts to impersonate others. If you find a cloned account, you and your friends should report it to Facebook. Just go to the cloned profile and:

Click the three-dot menu icon beneath the cover photo.
Select "Report Profile."
Choose "Fake profile," then select "Me."
Hit Submit and follow any remaining instructions onscreen.

Getting multiple friends to also report the cloned profile helps speed up Meta's review and removal process. The more reports a fake account receives, the faster it tends to be taken down. Once you've reported the page, post to your timeline and tell friends not to accept new friend requests from you, and to ignore any messages that might be scams.

How can I avoid Facebook account cloning?

Avoiding your account from being cloned and protecting your friends from associated scams and spam is really simple. The key is hiding your Facebook friends list. Anyone who clones your account will use your public friends list as a list of targets. But if your Friends list is private, it's much harder for them to come up with the list of your friends and family.

I have my Facebook friends list hidden, and I advise everyone I know to do the same. Hiding your friends list only takes a few quick clicks, and I'll walk you through it in my story on How to Hide your Friends List on Facebook.

Beyond that, I'd recommend locking down your overall profile visibility. Go to Settings > Audience and Visibility, and review who can see your posts, friends list, and personal details. There are a lot of settings here offering granular control over who can see your profile details, so make sure to limit them as much as possible. The less public information scammers can access, the harder it is for them to create a convincing clone.

Some regions, like India, Bangladesh, and Egypt, have access to a one-click Profile Lock feature (tap the three-dot menu on your profile and select "Lock Profile"), but this isn't available in the US, UK, Canada, or most of Europe. For those of us in the US, manually tightening your Audience and Visibility settings is the way to go.

One more thing worth noting on the privacy front. Meta does label AI-generated content with "AI info" tags using C2PA and IPTC metadata detection. However, cloners using AI tools that don't embed these watermarks bypass the system entirely. Don't assume that just because a photo or video isn't labeled as AI-generated, it's authentic.

How do I know if my Facebook account has been hacked rather than cloned?

When your account is cloned, someone on Facebook is pretending to be you. But when your account is hacked, someone has gained access to your Facebook password and is actually using your Facebook account to be you. The most obvious signs of hacking are spam posts from your real account or being locked out of your account entirely. It's possible someone has hacked your account using stolen credentials, but they haven't taken any action yet. To confirm if your Facebook account has been hacked, you can check for any unusual logins:

Open Facebook from your web browser.
Click your profile photo in the upper right to open the menu, then select "Settings & privacy."
Select "Settings."
Open the Meta Accounts Center from the left navigation pane, select "Password and security," then select "Where you're logged in."

The "Where you're logged in" section shows every device that is logged in to your account and when they last logged in. Review each login to decide if it's you.

If every login was you, then you have nothing to worry about. Unrecognized logins are not a sure sign you've been hacked (you may have simply logged in on a family member's device or an old phone and forgotten about it), but you can make sure you're protected by following the steps below.

One thing worth noting: Messenger now defaults to end-to-end encryption for personal one-on-one chats and calls, which has been the case since December 2023. That means if someone does gain access to your account, they won't be able to read your existing personal messages from another device. However, group chats, business chats, and Marketplace chats are not end-to-end encrypted, so those conversations could still be exposed.

What should I do if my Facebook account has been hacked?

If you don't recognize a login, click on the menu (three dots) for that login and choose "Log out." This will boot out the possible hacker. After that, change your password and set up stronger login security:

Open Facebook from your web browser.
Click your profile photo in the upper right to open the menu, then select "Settings & privacy."
Select "Settings."
In the Meta Accounts Center, select "Password and security." There, you'll find the options for changing your password, enabling two-factor authentication, and setting up passkeys.

I'd recommend setting up a passkey as your primary login method if you can. Meta launched passkey support for Facebook in June 2025 on iOS and Android. Passkeys use your phone's biometrics (fingerprint or face) to sign you in, and they're phishing-resistant, which means even if someone steals your password, they can't get in without your physical device. You can set this up by going to Accounts Center > Password and Security > Passkey. SMS-based two-factor authentication is still available as a fallback, but passkeys are a much stronger option.

Even if you haven't been hacked, turning on alerts for unrecognized logins is a good idea. When it's enabled, Facebook will tell you if an unrecognized device logs onto your account, so you'll know immediately if a hacker has access to your account. In the “Password and security” section of Meta Accounts Center, you'll also find the option for "Login alerts." I recommend selecting both in-app notifications and at least one email address.

Unfortunately, when your account is hacked, the hacker usually changes your password, email address, and phone number, making it very difficult for you to access or recover your account. If this happens to your account, Facebook has an account recovery process you need to follow to regain access. One option Meta now offers is video selfie verification, which compares your face to your profile photos to confirm your identity. That said, results have been inconsistent. Many users report failed verifications and account lockouts, so government ID uploads remain an option in some recovery flows.

The good news is that Meta has been making solid improvements here. In December 2025, the company launched a redesigned Security Checkup tool, AI-powered adaptive recovery flows that adjust to your specific situation with clearer guidance, and an AI support assistant that's being tested globally on Facebook. Meta says the relative success rate of hacked account recovery has improved by more than 30% in the US and Canada. Anecdotally, though, we've still heard mixed results from our friends and readers.

Updated on 2/11/2026

[Image credit: screenshot via Techlicious, phone mockup via Canva]

Topics

Facebook, Computers and Software, Computer Safety & Support, Phones and Mobile, Mobile Apps, Tips & How-Tos

Discussion

From JohnR on August 05, 2022 :: 11:47 am

John, our technology reviewed your report against not to take the profile down.

our Community Standards. Ultimately, we decided

We take action on profiles that pose a danger to other people or are harmful to the community.

If there’s something specific on this profile that you think we should review (example: a photo), please report the content itself.

Thanks again for helping us keep Facebook safe

and welcoming for everyone.

From Alan on August 17, 2022 :: 4:04 pm

I’ve been trying for a week to get anyone at FB to take some action. I’ve reported CLONED 4 or 5 times, and that has shown zero response of any kind. So, I tried “VIOLATED FB Standards”, Evidently, they can’t afford a human to look on a reported cloned user, and also can’t write both software to take a username and at least SEE if there are identical users with signs that it is a likely cloned account.

“Too big to Fail” comes to mind, and incompetent management.

From Fatima Mustafa on August 20, 2022 :: 12:17 pm

My , Facebook account was hack or clone I’m not sure if which of this one

From Ecal Irving on August 29, 2022 :: 10:11 am

Facebook does not care about cloning. I reported several cases for friends and today one for myself where someone copied my background and profile picture and made an account with my name. Know that my name displays THREE names, which makes it unusual where no one else has it. So, it’s OBVIOUS that I was cloned. I reported it to Facebook, and here’s what they said. “We found that it isn’t pretending to be you.” ... ARE YOU KIDDING ME?!! They don’t care. Best thing for everyone to do is get off of Facebook.

From Graham Hayman on September 26, 2022 :: 9:58 am

Thanks for the useful - and clear - article. I posted to our community bb and my page. I looked for hackers by checking for other devices where I am logged in. Found only one marked “Active now” and below that a list of previous logins. Two locations! I almost always use my computer for FB (not my phone), almost always from home, and a VPN most of the time. I log in every day. The locations I can see (i.e. not Show More) in the list are Denman Island BC Canada where I live, and Vancouver BC Canada (where I visit maybe once a year). I saw 49 logins - 39 labelled Vancouver, 13 labelled Denman Island. When I hover my cursor over each location login, an IP address pops up. About 4 - 6 seem to recur. Should I
be worried?

From P.Stark on January 18, 2023 :: 7:34 pm

every time i log in I get a different local that is not in my town and state. then I found this on Face book
The Location History setting is no longer available and the experiences it made possible have been disabled, even if your setting was previously enabled.

so using the location of where you or if someone else is using your account is logging in makes no sense using it as a determination that your account has been account? I know it was me logging in, but I do not live the town that face book is saying I logged into. I am getting tire of having to keep changing my password and stressing over why its not my town. ever since meta took over they disabled the location indicator. its totally rediculous! d

From CW on February 12, 2023 :: 1:12 am

I had someone clone my profile—now they are using this as the cornerstone for a defamation lawsuit. I need a trial expert to testify as to this phenomenon. Thanks! Christine

From Lois Vierk on March 09, 2023 :: 12:57 am

There are two cloned facebook sites with my name. I’ve followed all the instructions about reporting them to facebook. Facebook totally ignores my reports. The two cloned accounts continue to exist. Who knows what damage is being done. Facebook doesn’t care, that’s clear.

From Doug on July 06, 2023 :: 2:44 pm

Facebook could have an easy way for someone to verify a profile whenever receiving messenger messages or posting. They could create a unique digital signature and check it for these actions automatically. But they just don’t seem to care which is sad. Or they think it’s hard and the engineers can’t pull it off, which would also be really sad.

From Larry on July 08, 2023 :: 1:47 am

My page was cloned or highjacked in 2014 about.a group of 300 replaced my page with a copy they owned authority over.the actors played the roles of my entire friends list even on messenger.when I finally realized what was going on took 6 months or so I wrote a post to my page telling them to get out of my computer and Facebook then my screen darkened came on again and there stood 300 people with arms around each other and front guy said while saluting “Congratulations Mr.( last name ) you passed they all took a bow and my computer restarted.have you heard of anything like this.you passed what did I pass.

From JENNIFER PAGLIAI on July 08, 2023 :: 9:54 pm

My facebook page was cloned. There is my old page and a new page that I created. I got Facebook to take the old page down, but it’s back up. I tried to get into it, and they wanted to send a code to an email I do not have or a phone # that is not mine. Since I can’t see the whole # I can’t call it. It’s infuriating that they have an email in my name & are using my Facebook page & picture. Is this our government doing this? It’s crazy.

From M.D. Clay on May 27, 2024 :: 9:14 pm

Facebook’s web site changed how the Privacy settings are presented again, so the instruction need updated again.

From Dave on July 29, 2024 :: 6:23 am

In Facebook why would someone clone an account if the friends are locked down? They can’t see that persons friends to send out new friend request. So how does this benefit the scammer?

From Josh Kirschner on July 29, 2024 :: 5:34 pm

Hiding your friends makes it more difficult for scammers to perpetrate their scams through account cloning, but not impossible. If other personal information is visible, such as the school you went to or where you work, the scammer could use that information to find potential other victims. Or, if you have public posts, they can identify friends and family based on who is liking or commenting on your posts. Which is a good reason for keeping your activity set to friends only.

From Victor on December 14, 2024 :: 6:41 pm

Elizabeth, your link that reads:
“Read our story: The Complete Guide to Facebook Privacy Settings” Actually points to a file on your C: drive instead of a page on the internet, so we can’t read that page.

Thanks,
Victor

From Josh Kirschner on December 15, 2024 :: 12:33 pm

Hi Victor,

Thanks for catching that! We fixed the link.

Best,
Josh

From Steve Lawrence on March 31, 2025 :: 2:21 pm

Do directions ever work? My clone has no Profile, or none I can find. So step one…cannot do—the end.

From Sam George on April 20, 2025 :: 9:45 am

A friend sent me a message to alert me that there are about 8 pages that are exactly identical to my page… in different languages: Chinese, German, Czech, Aramaic, and others. When I enter those pages, they ask me to enter my login information… Of course I don’t. So what’s the danger here??? And I can’t find a way to send a complaint to Facebook because the pages are identical to my page, as if I am sending a complaint about my own page.