ANGLER PHISHING – Beware of the Newest Tactic!
Phishing is a term used to describe a common tactic used by identity thieves to gain access to your personal information. It happens when a criminal attempts to lure or entice their victim into clicking on a link or opening an attachment in a text message, a social media message or in an email. If the victim complies, they are directed to provide personal information or even worse, the victim’s computer will become infected with Malware or Ransomware! Angler Phishing usually happens on social media.
ANYONE CAN FALL FOR IT
If a criminal already has any personal information about you or your family (gleaned from a data breach or social media site) they can put together a well-designed Phishing email. They will provide you with a reason to have to click on the link. Here’s an example: “Your daughter Lisa fell and hit her head at school today. Please click here to contact us for additional information”.
Similarly, Spear-Phishing is an even more laser-focused Phishing attempt. For example, criminals will target the emails of employees in a company’s Human Resources Department. These Spear-Phishing emails are used to get payroll information to glean the Social Security numbers of the company’s employees.
NOW THERE’S A NEW PHISHING TACTIC
It is referred to as Angler Phishing. It begins when you as the customer, becomes upset with the service you received at a company you just did business with. So, you post an angry comment about your experience on your social media account. Soon thereafter, you get a text or email response – which appears to have come from the company you posted a complaint about. The ‘customer service’ rep at the company offers to help you resolve their problem. The trap is now set!
You don’t realize that the person who contacted you is really a fraudster who read your post and is now impersonating the company you complained about. The fraudster attempts to lure you into clicking on a link to directly connect you with a customer service rep at the company. If you comply, then merely clicking on that link can result in you downloading Malware or Ransomware. Alternatively, the provided link will connect you to a fake customer service rep, who asks for personal information in order to reimburse you or resolve your issue. The Fraudster will then use your personal information to commit identity theft.
You MUST always be wary!
Angler Phishing usually happens on social media. So, make it a habit to NOT respond to any communications you receive through social media, because it is difficult to verify the legitimacy of the contact. If you receive a message from a company you complained about, contact the company directly or go to the company’s website instead of clicking on the link that is provided to you.
ANOTHER THING YOU NEED TO KNOW
When it comes to Angler Phishing, there’s another aspect you may not have given much thought to. It’s another part of ANY customer service situation. Never rely on a Google search to locate a customer service telephone number for a company. Some companies do NOT even have a customer service number to call them. They instead force you to go to their website to resolve an issue. Realize that the customer service number that you just found on Google may not really be the company’s legitimate customer service number. The number you found may be a scammer who set up a phony customer service number for that company. Then, when you call the number, the Imposter will phish for your personal information. Then, the theft of your information will unfortunately make you a victim of Identity Theft!
- NEVER click on links or open attachments in emails, text messages or your social media messaging inbox unless you substantiated its legitimacy
- Be wary of any unsolicited posts on social media
- Never give your personal information to a stranger
- Always do your research first – “Don’t Trust until you Verify” directly from reliable sources before engaging with anyone on social media.
- Log in to a company’s website by typing their web address into your internet browser – instead of clicking on links that could be tainted.
- Be sure to have virus and malware protection on all your devices
- Always keep your software updated – set them to automatically update
REPEAT AFTER ME…
NEVER EVER click on links or open attachments in emails, text messages or your social media messaging inbox. 99.9% of the time, they are tainted links. It is referred to as click-bait messages. Click-Bait is designed to entice you – with an urgent important message – that prompts you to click on a link – to remedy the situation.
Phishing attacks come in two parts. First there’s the tempting click-bait email. Next the link in the message takes you to a look-alike fake website the scam artist controls.
When it comes to Identity Theft, I can’t stress enough how important it is to refrain from clicking on any links or opening up any attachments in an email unless you are 100% certain that it’s legitimate or if you initiated the contact. Criminals will never stop Phishing – so please – DON’T TAKE THE BAIT!
Read another one of my articles about Phishing here.