ANGLER PHISHING NEWEST PHISHING TACTIC

ANGLER PHISHING – Beware of the Newest Tactic!

Phishing is a term used to describe a common tactic used by identity thieves to gain access to your personal information. It happens when a criminal attempts to lure or entice their victim into clicking on a link or opening an attachment in a text message, a social media message or in an email. If the victim complies, they are directed to provide personal information or even worse, the victim’s computer will become infected with Malware or Ransomware! Angler Phishing usually happens on social media.

ANYONE CAN FALL FOR IT

If a criminal already has any personal information about you or your family (gleaned from a data breach or social media site) they can put together a well-designed Phishing email. They will provide you with a reason to have to click on the link. Here’s an example: “Your daughter Lisa fell and hit her head at school today. Please click here to contact us for additional information”.

Angler Phishing Mssages

    Never Click on Email or text links on social media messaging inbox

Similarly, Spear-Phishing is an even more laser-focused Phishing attempt. For example, criminals will target the emails of employees in a company’s Human Resources Department. These Spear-Phishing emails are used to get payroll information to glean the Social Security numbers of the company’s employees.

NOW THERE’S A NEW PHISHING TACTIC

It is referred to as Angler Phishing. It begins when you as the customer, becomes upset with the service you received at a company you just did business with.  So, you post an angry comment about your experience on your social media account. Soon thereafter, you get a text or email response – which appears to have come from the company you posted a complaint about. The ‘customer service’ rep at the company offers to help you resolve their problem. The trap is now set!

You don’t realize that the person who contacted you is really a fraudster who read your post and is now impersonating the company you complained about. The fraudster attempts to lure you into clicking on a link to directly connect you with a customer service rep at the company. If you comply, then merely clicking on that link can result in you downloading Malware or Ransomware. Alternatively, the provided link will connect you to a fake customer service rep, who asks for personal information in order to reimburse you or resolve your issue. The Fraudster will then use your personal information to commit identity theft.

You MUST always be wary!

Angler Phishing usually happens on social media. So, make it a habit to NOT respond to any communications you receive through social media, because it is difficult to verify the legitimacy of the contact. If you receive a message from a company you complained about, contact the company directly or go to the company’s website instead of clicking on the link that is provided to you.

 

ANOTHER THING YOU NEED TO KNOW

When it comes to Angler Phishing, there’s another aspect you may not have given much thought to. It’s another part of ANY customer service situation. Never rely on a Google search to locate a customer service telephone number for a company. Some companies do NOT even have a customer service number to call them. They instead force you to go to their website to resolve an issue. Realize that the customer service number that you just found on Google may not really be the company’s legitimate customer service number. The number you found may be a scammer who set up a phony customer service number for that company. Then, when you call the number, the Imposter will phish for your personal information.  Then, the theft of your information will unfortunately make you a victim of Identity Theft!

TIPS:

  • NEVER click on links or open attachments in emails, text messages or your social media messaging inbox unless you substantiated its legitimacy  
  • Be wary of any unsolicited posts on social media
  • Never give your personal information to a stranger
  • Always do your research first – “Don’t Trust until you Verify” directly from reliable sources before engaging with anyone on social media.  
  • Log in to a company’s website by typing their web address into your internet browser – instead of clicking on links that could be tainted.
  • Be sure to have virus and malware protection on all your devices
  • Always keep your software updated – set them to automatically update

 

REPEAT AFTER ME…

NEVER EVER click on links or open attachments in emails, text messages or your social media messaging inbox.  99.9% of the time, they are tainted links. It is referred to as click-bait messages. Click-Bait is designed to entice you – with an urgent important message – that prompts you to click on a link – to remedy the situation.  

Phishing attacks come in two parts. First there’s the tempting click-bait email. Next the link in the message takes you to a look-alike fake website the scam artist controls.

When it comes to Identity Theft, I can’t stress enough how important it is to refrain from clicking on any links or opening up any attachments in an email unless you are 100% certain that it’s legitimate or if you initiated the contact. Criminals will never stop Phishing – so please – DON’T TAKE THE BAIT!

Read another one of my articles about Phishing here.

FACEBOOK PRIVACY SCANDAL

Facebook Privacy Scandal  –  Who’s at Fault?

The CEO of Facebook, Mark Zuckerberg faced a grilling during Capital Hill hearings about the recent Facebook privacy scandal. It appears that Facebook allowed a third-party company, Cambridge Analytica, to plunder the personal information of 87 million Facebook users. This is one of the largest data leaks in the social network’s history.

Cambridge Analytica was able to pull off this data harvesting, under the guise of an app, that appeared to be just an innocent social media quiz.  The app “This is Your Digital Life” paid Facebook for the ability to invite users to take quizzes.  Downloading the app resulted in you granting them full access to your public profile information. If that weren’t bad enough, once a user granted them access, the app was able to view the information of the their Facebook friends too.  Any and all information that was available in a user’s public profile was likely compromised.

Next, the collected data (via the quiz app) was in turn shared with the political research firm Cambridge Analytica.  So, they were able to extract all that Facebook data, under the premise that they were collecting information for academic purposes.

Facebook has since banned the app and is in the process of informing users if their personal information was wrongly accessed.  But, whether your information was accessed or not, the lesson learned here is that you should always be mindful of what you share on your social media profiles.

 

Facebook Privacy Scandal
Why is he so smug?

YOUR PERSONAL DATA IS THE PRODUCT BEING SOLD

During the Joint Commerce and Judiciary Committee hearing, Zuckerberg is quoted as saying: “I would hope that what we do with user data is not surprising to people”.  It was however, a surprising revelation to most Facebook users. Facebook users hadn’t considered the fact that they are NOT Facebook’s customer.  Advertisers are in fact Facebook’s actual customers.

When a user doesn’t pay a fee to use an app or a social media platform, then the user’s personal data is the ‘product’ being sold. Everything we click on and everything we buy or read is tracked, catalogued, analyzed and then sold.  All the information that is collected about us is being harvested and then sold to advertisers, research firms and data brokers.

ON THE INTERNET – NOTHING COMES FREE

Users actually pay for the ‘free’ use of Facebook, by giving up their data. That is why it’s so important to examine your profile privacy settings.  Realize that there is a big difference between Facebook’s “profile privacy” settings and their “application privacy” settings.  Always be aware of what personal information any downloaded app or social media platform can view and use from your account.  Never put too much info about yourself out there. AND read those “Terms and Policies” notices before clicking “Yes”.

Lastly, I would refrain from clicking on those Facebook “LIKE” buttons.  Consumer lawyer and privacy expert Joel Winston wrote an excellent must read article in a column for NBC.

Here’s what he had to say about “Likes”

“On the basis of ten “Likes”, researchers from Cambridge Analytica have demonstrated that Facebook knows you better than your work colleagues. After 70 “Likes,” Facebook knows you better than your friends. Accumulate 150 “Likes,” and Facebook knows you better than your parents. Complete 300 “Likes” and Facebook knows you better than your spouse or partner. Record more than 500 honest “Likes” and Facebook can even know you better than you know yourself.”

You can learn how you can remove apps and websites, if you no longer want them to have access to your Facebook information, by logging in to your Facebook account and going to their help section.

 

 

FREE iPHONE X FOR A ‘LIKE’ ‘SHARE’ OR ‘FOLLOW’

A FREE iPHONE X? Remember: If it sounds too good to be true, it is…

Right now there are Scammers out there looking to take advantage of the new iPhone X release, by promoting fake free iPhone offers. The new iPhone X is the most expensive iPhone ever released by Apple and everyone wants to get their hands on one, but the price is pretty prohibitive. The price is $999, making it the most expensive iPhone Apple has ever made.

Free iPhone X

For those who are counting, there have been more than 532 fraudulent iPhone social accounts set up. The creators of these fake social accounts are looking to increase their follower accounts. They want to boost their number of followers by offering free iPhones in exchange for a ‘like’, ‘share’ or ‘follow’ on their Facebook page or YouTube channel.

People who are looking to score a free iPhone X, will be enticed enough to either ‘like’, ‘share’ or ‘follow’ these fraudsters, in exchange for a chance of winning.

So, what do these gullible followers have to lose? Let’s take a look.

Free iPhone X offers may instruct users to share personal information that may then be used to steal the victim’s identity. Those same victims may fall for additional phishing schemes, designed to steal their personal information. They may be prompted or enticed by these fraudsters to install unsafe apps. They may be tricked into clicking on links that contain Malware that infects their computer and takes control of their device.

If you’ve seen or have been a sucker for one of these fake offers, you should report the fake pages and websites to the appropriate companies. It’s effortless to do so, if we’re talking about Facebook pages or other social media accounts.

Falling for social media schemes that entice you to ‘like’, ‘share’ or ‘follow’, is usually someone trying to take advantage of you.  Chances are pretty high, that you won’t come away with a free iPhone X.