Preventing Account Cloning – Best Practices
Can Account Cloning Be Prevented?
By Ken Dulaney
In this blog, Vice President of Research at Aragon Research, Ken Dulaney discusses how difficult account cloning may be to prevent.
We share the best practices for securing your private information on the internet.
Account Cloning May Be Difficult to Stop
A few days ago I got a message from Facebook that they were investigating my account. Although the source email looked legitimate, I thought I would just delete it as the best course of action.
Suspicion trumps all motivations to click on an email no matter how attractive the content.
However, a day later, I received a message from someone who is technically savvy, but I hadn’t spoken to in a while. His advice was to take action on my accounts since he was sure my Facebook account had been cloned.
Someone can simply open an account with my name. After all, all of us don’t own a unique name, unique to the 8 billion citizens of the planet.
And through a simple search, they could easily find my basic personal details as well as an accurate photo of me.
Posting all of my personal information to the cloned account (actually it’s not cloned but mirrored) would entice those who know me to attach to this account and friend this pseudo person.
Friending this account, permits the cloner to send the new friend all sorts of mischievous messages. And the recipient, believing this to be a true friend, typically has little reservations about reading them. And the damage would follow.
Defeating account cloning starts with Facebook.
Better verification of the user, especially when there are accounts that match any newly created account. This is likely the best of all options to mostly stop cloning.
However, it is not a 100% solution.
Two step verification of any friend relationship is another option albeit more cumbersome, somewhat dissuading friends from becoming friends.
Attempting to keep private information that can be copied to clone private is another good practice, but in today’s Internet world, even the most cautious will find much of their personal information easily accessible on the Internet.
So another nasty security compromise is widening across not only Facebook, but other social media networks.
If possible, before you friend someone, send them an email and let them know you are going to link to them. Have them let you know the link on their account has succeeded.
If you don’t get verification, then delete the friend relationship because you have likely friended a clone.
ADDITIONAL CONTENT BY KEN DULANEY
Our experts are helping businesses across all industries develop security strategies that support their specific organization needs.
The pandemic taught every enterprise a big lesson–work from anywhere is real and so is the need to engage with employees. The era of Talent Management is over. The new focus is employees and engagement.
On Wednesday, October 26, join Aragon CEO and lead analyst, Jim Lundy, to discuss this new focus on Employee Engagement and the technologies worth leveraging to keep people engaged.
Key topics include:
- Trends driving the shift to Employee Engagement
- What are the technologies and methodologies to enable better ways to get work done and also engage employees?
- How can enterprises gain a competitive advantage by focusing on Employee Engagement?