Definition
Angler phishing is a social engineering technique in which cybercriminals trick individuals who publicly request help on social media platforms into revealing private information.
Angler Phishing Examples
Real-life examples include:
- Tricking customers to send payments to a fraudulent account pretending to sell goods or services.
- Luring users with login issues into revealing sensitive information such as private credentials.
- Redirecting users to a fraudulent support team website to infect their devices with malware.
How to Stop Angler Phishing Attack
- Confirm whether the profile account is verified.
- Check to ensure the customer service website is real.
- Refrain from sharing your login credentials.
- Avoid clicking suspicious links.
- Terminate any suspicious conversation and contact the company using an official email or phone number.
Impacts of Angler Phishing
- Financial losses: The resources needed for remediation, regulatory fines, improved security infrastructure and legal fees translate to a high-cost burden.
- Reputation damage: Victims of angler phishing may develop mistrust resulting in a negative brand image of the company.
How to Spot an Angler Phishing Attempt
- Heightened sense of urgency: An attacker purporting to be the customer representative will often pressure you to act swiftly.
- Grammatical errors: Angler phishers may use bad grammar to bypass filters, while others come from non-English-speaking countries, hence the bad grammar.
- Suspicious links: If you encounter suspicious links, they’re likely malicious and could infect your device.
- Suspicious profile pages: Avoid profiles that seem disreputable. Check the profile picture, number of followers, and previous posts.