Whilst having my hair cut recently, the barber asked me what I did; when I explained, she said that her Instagram account had been cloned again and she did not understand why this kept happening. Happy to go through my standard best practice tips, when I reached 'set up two-factor authentication', she said that her daughter had done that and she had an email with all the codes. Swiftly, moving on to' practice good password management'; I had to explain why having the same password for your email account as your social media accounts completely nullified the benefit of two-factor authentication!
Industry experts are (generally) only human and we do understand that we all have too many passwords to manage and how it can be the easy option to reuse the same password. A good password management application can assist you to maintain unique random passwords for all of your accounts; these programs can generate strong passwords for you, enter credentials automatically and remind you to update your passwords periodically.
I had heard stories of account cloning, but I always assumed people would check with the account holder via another form of communication or at least think twice before sending money to an account they only recently connected with.