Fiber optic networks are used worldwide and have been regarded as excellent media for transmitting time–frequency (TF) signals. In the past decades, fiber-based TF synchronization techniques have been extensively studied. Instruments based on these techniques have been successfully applied. With the increasing application of TF synchronization instruments, their security has become an important issue. Unfortunately, the security risks of fiber-based frequency synchronization (FbFS) instruments have been overlooked. This article proposes a frequency tampering method called “frequency expander.” On a 200-km fiber link, we demonstrate a frequency tampering scenario using a frequency expander-enabled frequency tampering module (FTM). On the user side, the frequency value of the recovered 100-MHz signal can be stealthily altered within a range of 100 MHz ± 100 Hz, while the frequency dissemination stability of the system remains normal. Related to this tampering risk, potential hazards in two different application scenarios, which rely on precise frequency references, are analyzed. Two countermeasures are also proposed to solve this tampering risk.