Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
home
Angler phishing

Angler phishing

Angler phishing definition

A social engineering attack aimed at customers who publicly request assistance from an organization on social media. The scammer reaches out with a fake customer service profile and tricks the victim into revealing sensitive information while pretending to help.

Real angler phishing attack examples

Telling customers to send money to a fraudulent account to pay for goods or services

Tricking customers who have trouble with their account into revealing their login credentials

Redirecting customers to a fake customer support website that will install malware on their device

Stopping an angler fishing attack

  • Check if the profile is verified (if your social media platform verifies accounts, like Twitter does)
  • Verify that the customer service profile is real — check its name and feed for odd signs
  • Never reveal your full password — real staff will never ask for this information
  • Don’t click shortened links unless you’re 100% sure it’s real
  • If in doubt, end the conversation and contact the organization by phone or email

Further reading

What is phishing, and how can you prevent it?
What is spear phishing, and how can you avoid it?
How to protect yourself from email phishing

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.