Hacked Friend Impersonation Scams

Hacked friend impersonation scams occur when a scammer gains access to someone's social media or messaging account and then uses it to send fraudulent requests to that person's real-life contacts. Because the messages genuinely originate from a known account — with the real person's name, photo, mutual friends, and previous conversation history — recipients have little reason to doubt their authenticity without specific scrutiny.

The scammer browses through previous messages to understand how the account owner communicates, identifies close contacts likely to respond, and crafts requests tailored to those relationships. A message from a close colleague asking for a modest loan looks very different from a cold message from a stranger making the same request — the social trust built up over years is weaponised.

Common requests include emergency cash transfers for a stranded friend, the purchase of gift cards to be sent as codes, help with a business transaction, or clicking a link to vote or support something. In some cases the compromised account is used to phish the contact's own credentials, extending the chain of compromised accounts.

The scam is particularly effective on platforms where long-running message threads exist — Facebook Messenger, WhatsApp, and Instagram DMs — because the history of legitimate prior conversation adds legitimacy to the fraudulent message. Elderly users and those who communicate primarily through a single platform are especially at risk.

The original account is usually taken over through phishing, a data breach, or credential stuffing using a password reused from another site. Once in control, the scammer reviews the contact list and inbox to identify targets most likely to respond without question.

The approach message is low-key and personal — often a brief greeting that mirrors the account owner's usual tone before moving to the request. A common pattern opens with something casual ('Hey, are you around?') before introducing an urgent but plausible problem: a lost wallet abroad, a temporary cash-flow issue, an unexpected medical expense.

Because the ask comes from a trusted person, the target frequently complies without the verification behaviour they would apply to a stranger. Gift card codes are particularly requested because they are irreversible, immediate, and hard to trace.

If the first contact succeeds, the scammer may use the same compromised account to approach multiple other contacts simultaneously, maximising yield before the real account owner notices the compromise and regains control.

This scam collapses the central defence people rely on — knowing who they are talking to. When a message comes from an account you have spoken with for years, with a real name and history, normal suspicion is disarmed. The brain pattern-matches to past legitimate conversations rather than treating the message as a cold contact from a stranger.

The social dynamic of helping a friend in crisis adds further pressure. Refusing to help someone you care about, even briefly, feels wrong. Scammers leverage this directly by introducing the request with personal framing and by explicitly invoking urgency and trust ('I'm only asking you because I know I can count on you').

Gift card requests persist because they are effectively untraceable and irreversible once codes are shared. The modest amounts typically requested for a first contact fall within the range people will readily provide to a genuine friend, making the request feel plausible rather than alarming.

Hey, are you free right now? I'm in a bit of trouble and need a favour urgently.

I'm travelling and my wallet got stolen. Can you send [amount] via [payment app]? I'll pay you back as soon as I'm home.

I need you to buy [amount] in [gift card] cards and send me the codes ASAP. I'll explain everything later — please don't tell anyone yet.

My phone broke so I can't call but can you help me with something quickly? I'll explain over message.

I need to transfer [amount] for a business payment today but my banking app is locked. Can I use yours and I'll send it straight back?

The single most effective verification step is a direct phone or video call to the person at a number you already have stored. If they cannot take a call because of the situation they describe — broken phone, abroad, no signal — that is itself a red flag rather than an explanation to accept at face value.

If you cannot reach the person directly, contact a shared friend or family member through a completely separate channel. Ask them to check whether the person is actually in the situation described.

Pay close attention to writing style. Subtle differences in tone, vocabulary, or punctuation that feel slightly off are worth acting on, even if you cannot articulate the specific difference. Your familiarity with how someone writes is a meaningful signal.

No genuine emergency requires gift card codes. If that is the requested payment method, the message is fraudulent regardless of how convincing everything else appears.