A. Duplicate accounts and friend requests
Have you ever gotten a friend request from someone that you think is already a friend? Probably,you just assume that they had a problem and have set up a new account, so you confirm the friendship.
Unfortunately, that's almost never the case. Rather, your friend John Doe is being spoofed: someone else has set up an account in John Doe's name, with his same profile picture, and is asking all his friends to friend him again. Once you friend him, the spoofer gains access to all YOUR information and that of all YOUR friends, often including birthdays, phone numbers, etc, for future scams. The spoofer may spoof YOU next!
Although John may think his actual account has been highjacked, it hasn't. Instead, someone has used his profile picture (which is public and can be copied), and his friends list to impersonate him.
There are several steps to dealing with this. First, if you are already friends with John Doe, don't friend him again! Send him a message or a text, or give him a call, and tell him that someone may be spoofing him. (If you DID accidentally friend John, unfriend John the Second right away!)
Second, if you are John Doe, let your friends know you've been spoofed. Tell them not to accept a new friend invitation, and if they did, to unfriend the faked profile. (It will be the one with the fewest mutual friends)
Third, make sure you don't get spoofed. This happened because John's friends list was public. That is, a spoofer could look at John's facebook page, and see all his friends listed. Unfortunately, this is the default setting on Facebook, and you need to take steps to be sure your list of friends is private. Of course, your own information depends on your friends keeping THEIR list private too!
Here's what to do:
A.1. Go to your timeline (not your newsfeed). You can get there by clicking on your name and photo in the blue bar from your home screen.
A.3. This will open a panel with all your friends listed. At the top right of the panel, there's an icon with a pencil. Click on that and choose "Edit Privacy".
A.4. This will open a new window. Make sure that your friends list is limited to "Friends", or "Only me". Same for the "Following" panel: choose "Friends" or "Only Me".
A.5. Click done! You're all set.
B. Protecting your privacy
You don't need the whole world to see your information on facebook, including your birthday, phone number, posts, etc. I recommend that you keep your profile as private as possible. Fortunately, Facebook is starting to help you do that.
B.1 At the top right of the Facebook blue bar, there's an icon of a padlock. Click on that, and Facebook will open a basic privacy page.
B.2 What this window looks like may vary from user to user, but the gist is the same. At the very least, you want to make sure that only friends can see your posts. I strongly recommend limiting access to previous posts to friends only as well. You may also want to limit public access, so that people cannot find your facebook page on the internet. There's also an option that lets you view your facebook page as though you were J. Random Person, so you can see what is already out there.
B.3 You can also look at a more detailed menu of settings by clicking on the downward-facing arrow.
B. 4 This opens a long menu on the left, where you can explore security and privacy settings individually.
B.5 You may want to consider the option of having Facebook remember your browser, so that if someone logs into your page from another browser, you get a message.
B.6 As with all things on the internet: choose a secure password and do not use the same password on multiple sites. Your facebook password should be unique, and a mixture of numbers and letters.
C. Messenger scams (updated 8/17)
There are scams using Facebook's messenger tool, particularly ones that appear to come from friends who have a video to show you. Generally you should not click on any videos without verifying with your friends that they sent it. And never, ever, enter your log-in information, or allow the installation of software, when you click on a link in messenger or Facebook.
blogmaster & Photographer