Angler Phishing — How can you avoid falling victim?

Renju Mohan
3 min readJul 7, 2021

--

Phishing is a very common kind of social engineering that usually comprises an e-mail with false requests to give your personal data or visit a harmful website. People began receiving these emails, like many internet threats. As a result, these assaults must be perpetrated by innovative individuals. Angler phishing is one example of this. It uses social media rather than emails. So how can you defend yourself, what is angler phishing?

What Is Angler Phishing?

Angler phishing is a contact on social media while claiming to be a representative of customer care. It is named after the fish of anglers, who entice its victims with a glistening bait. Angler phishing uses the fact that, generally, social media is the first place where consumers request help from a firm. The objective of the assault is to locate people who complain about a company before the real firm can solve their concerns. This allows you to extract data which may then be utilized for stealing.

How Does Angler Phishing Work?

Fishing by angler is easy since the aggressors don’t even have to look for victims. Rather, they just select a popular company and wait for it in the social media. Ideally, this company is often labelled online and a bit sluggish to react. They then construct several social media profiles that may be utilized to impersonate support personnel.

Someone may complain, for example, that they have problems entering into their bank account. An assailant will send a link to reset his password. Or someone may complain about a recent purchase they haven’t gotten. An attacker then offers to resend the item; just the address to be sent to them needs confirmation. Once the assailant provides assistance, many people are ready to perform as required. It may be exploited for identity theft if personal information is given. And if you click on a link, you can transport them to a fake website to steal your login credentials.

Who Is Targeted?

Fishing is possible on all prominent networks of social media. If a platform is sufficiently large to contain major firms, criminals probably will also be there.

The most likely to be impersonated are financial companies. A ProofPoint analysis revealed a bank or other sort of financial provider accounted for 55 percent of every assault.

How to Avoid Angler Phishing

Angler phishing works because many people let their guard down on social media. Here are a few easy ways to avoid falling for it.

1. Tag Specific Accounts

People turn to social media because it’s often the fastest way to get a response. But there’s more than one way to do so.

Many large companies have specific accounts that handle complaints. By tagging these accounts and only responding when they do, this attack becomes impossible.

2. Always Verify Who You Are Talking To

Before responding to anybody online, always verify who you are talking to. Here’s how to do that:

  • Read the account name carefully to make sure that everything is spelled correctly. There are a number of tricks that can be used to make you miss it the first time.
  • Look for a tick mark that indicates the account is verified.
  • Look at the number of followers if applicable. A customer service rep from a popular company shouldn’t have zero.
  • Check the businesses official account and see if the account that contacted you is mentioned there.
  • Check if they have a history of successfully helping other customers. Keep in mind that this can sometimes be faked.

3. If in Doubt, Reach Out Directly

If you the slightest doubt about who you are talking to, stop talking and contact the company directly instead.

Don’t fall into the trap of not wanting to insult the person that contacted you. This is a natural reaction to somebody offering to help. But it’s also something that attackers rely on to get what they want.

4. Never Send Personal Information Regardless

If somebody initiates a conversation with you on social media, never answer questions and never click on a link.

The people who perform these attacks will make it seem like you have no logical choice. But a professional will understand completely why you might refuse to do so.

--

--

Renju Mohan

A student and self made content creator, who is more interested in technology, photography and videography.