Catfishing definition
Catfishing is a social engineering scam where the attacker creates a fake online persona to target a specific victim on social networks. Pretending to be someone else, the scammer can attempt to enter into a fake romantic relationship with the victim, spy on them, manipulate them, or even engage in harassment campaigns without fear of reprisal.
Real catfishing examples
- Online dating scams: The scammer fakes being interested in a romantic relationship to get money or favors from the victim.
- Online bullying: The scammer gets close to the victim to obtain confidential information then uses this knowledge to hurt them publicly.
- Harassment campaigns: The attacker smears the person publicly and leads the outrage against them, sometimes using multiple fake profiles.
- Cyberstalking: The scammer pretends to be an innocent third party to observe the victim discreetly.
Stopping catfishing
- Check the social media profile of the person contacting you. Fake profiles are often created shortly before the attack and feature very little content.
- Confront them about discrepancies. If the person contacting you is being evasive or disappears when presented with discrepancies in their story, they may be retreating to rethink their plan or find another victim.
- Resist emotional pressure. Once the scammer has your trust, they commonly start asking for money, gifts, or favors.
- Resist calls for extra software. Scammers may insist that you install an app to talk to them. These apps can harbor malware — use free trusted apps instead, like Messenger.
- Never send sensitive data to anyone because it could later be used for extortion. Even if the scammer doesn’t end up blackmailing you, they may spread the information underground for bragging rights or themselves fall victim to a hacker attack.