Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Angler phishing

Angler phishing

Angler phishing definition

A social engineering attack aimed at customers who publicly request assistance from an organization on social media. The scammer reaches out with a fake customer service profile and tricks the victim into revealing sensitive information while pretending to help.

Real angler phishing attack examples

Telling customers to send money to a fraudulent account to pay for goods or services

Tricking customers who have trouble with their account into revealing their login credentials

Redirecting customers to a fake customer support website that will install malware on their device

Stopping an angler fishing attack

  • Check if the profile is verified (if your social media platform verifies accounts, like Twitter does)
  • Verify that the customer service profile is real — check its name and feed for odd signs
  • Never reveal your full password — real staff will never ask for this information
  • Don’t click shortened links unless you’re 100% sure it’s real
  • If in doubt, end the conversation and contact the organization by phone or email

Further reading

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.