The story always begins with a simple notification on your phone: “So-and-so started following you.” You automatically smile because you know him, and accept the addition without thinking long about why he created a new account. But behind this simple spontaneous movement, there may be a quiet digital trap waiting for just one click from you on a private link to turn trust into a personal disaster. This is what is happening recently, as a malicious trick is spreading in which some hackers exploit the pictures of the accounts of friends and close ones to create fake accounts that are completely identical to the real accounts. The fake account starts following you, then sends you a private message containing a link asking you to click on it out of curiosity or assistance. The links sent from these cloned accounts are not just regular pages, but digital traps carefully designed to do the following:

Phishing: The link may open a fake login page that looks exactly like an Instagram or Facebook page. Once you write your username and password, the data will reach the hacker immediately, and your account will be seized and you will be deprived of it.

Phone hacking via “cookies”: Some links are so malicious that they steal your device’s cookies, allowing the hacker to access your open accounts and activities without the need to know the password or bypass the two-factor verification code.

Implanting malware: Clicking on the link may lead to the imperceptible download of spyware files behind the scenes of the phone system, with the aim of monitoring what you type and stealing your personal data.

An information security expert said via “Lebanon 24”: If a suspicious add-on and message arrives from an account bearing the name and picture of a friend or relative’s account, these steps must be followed:

Do not click on the link at all: regardless of the written reasoning that accompanies it (such as: “Vote for me in the contest,” “See what I found here,” or “Is this your photo?”).
Report the account immediately: Go to the fake account file, click on the three dots at the top, then choose Report -> Report Account -> It’s pretending to be someone else and select your targeted friend.
Block the account: Completely block the account to ensure that it does not attempt to contact you again.
Contact your real friend: Contact him by phone or via the WhatsApp application (through his old account that is verified with you) to alert him that there is someone impersonating him and targeting his contacts.
He adds: In the digital space, true friends will not send sudden links from unknown and new accounts requesting quick interaction. Therefore, you must pay attention, wait and be skeptical before taking any step.