Angler phishing on social media

We take a closer look at social media phishing - also known as angler phishing. Read on to find out what it is and how to spot it.

28-08-2023 - 9 minute read. Posted in: phishing.

Angler phishing: How scammers exploit social media platforms

A particularly clever and sneaky type of phishing known as “Angler Phishing” has emerged in the complex world of cyber threats. This deceptive strategy plays out on social media, where attackers create fake accounts that pose as trustworthy customer service employees in order to lure unsuspecting victims.

In this blog post, we will examine the mechanics of angler phishing, understand how it works, look at the targeted group, evaluate its efficacy, and arm you with crucial tactics to stop these evil endeavors.

What is angler phishing?

Cybercriminals who engage in angler phishing create fake social media identities in order to pose as customer support employees from trustworthy businesses. Angler phishing works by exploiting social media interactions, particularly targeting disgruntled customers seeking assistance. Using these fake accounts, attackers target social media users who share complaints about a company’s services.

One of the reasons why hackers are turning to phishing on social media is that it’s a lot quicker and easier there, since anyone can create an account and choose a fitting name. This means that hackers can essentially create a “customer support” account, call it e.g. “@goggle-support”, and trick people into thinking they’re truly from Google Support and not malicious actors.

The cybercriminals try to collect personal information from the victims, or trick them into downloading malware to breach their cyber security. To learn about other types of phishing tactics, explore our detailed guide to phishing here.

Another tool hackers use more and more frequently is the botnet - so if they succeed in installing malware onto your device, they can merge it into the enormous botnet they have around the globe. Learn more about botnets and their use in cyberattacks here.

Unraveling the methodology on social media platforms

To avoid falling for angler phishing attacks, we should take a closer look at the methods the hackers use.

  • Platform looting: Angler phishing typically takes place inside the vast settings of social media platforms like Facebook, X (formerly Twitter), and Instagram. Cybercriminals create fake accounts here by copying the branding and messaging of well-known businesses, ranging from financial institutions to leading e-commerce organizations.

  • Strategic selection: Hackers browse the social media platforms related to the business they intend to imitate, to find accounts that have voiced complaints in public. Once the hackers have this knowledge, they initiate contact via direct messaging, exploiting the victims’ need for help.

  • Deceptive dialogue: Using identities which often resemble the real company’s handle, the hackers chat with victims while posing as legitimate customer support employees. By mimicking genuine customer support, they strive to convince the victim that they are the real thing, so that the victim ultimately gives up valuable personal information.

  • Exploitative encounters: After initiating communication, the attacker manipulates the conversation to get victims to reveal confidential information, such as passwords or bank details - they might also try to get you to click a link that contains malware. Malware will then give the hacker access to the victim’s device or private information.

Targeting the vulnerable social media users

The targets of angler phishing are social media users who have recently expressed discontent and complained about an organization. Attackers impersonate customer service representatives to deceive these victims into providing personal information, taking advantage of the victims' urgency for assistance. Because the victims are looking for a quick solution to their issues, they are more likely to interact with representatives of what appears to be customer service.

Victims are more likely to fall for the trap because of the immediate response and the attacker’s false identity.

Hackers possess an incredible amount of technical knowledge, so they will evidently be able to answer many of the questions that a victim has about their problems. Since they can imitate customer support both visually and through their knowledge, it can be difficult to distinguish them from the real thing.

This makes their act a lot more convincing - resulting in a victim being more inclined to give personal information.

To better understand the role of social engineering in these attacks, dive into our article on social engineering here.

Exploiting our frustration through customer complaints

Angler phishing has proven to be a very successful strategy which takes advantage of the vulnerabilities of frustrated users and customer complaints. Large organizations, which are frequently overwhelmed with complaints, may not respond right away, creating a gap in defense which the attacker can and will take advantage of.

If they are successful, cybercriminals can access crucial information and potentially:

  • Hijack accounts

  • Commit identity theft

  • Start new phishing attacks using compromised profiles

We are more prone to hand out personal information when we’re frustrated and want a problem solved - and this is of course a human trait that hackers exploit.

Phishing attacks on social media platforms

Phishing attacks on social media platforms are becoming increasingly common, with attackers using various tactics to trick users into revealing sensitive information. In this section, we will explore the platforms most commonly targeted by phishing attacks, the tactics used by attackers, and how to verify the authenticity of company accounts.

Understanding the platforms

Social media platforms such as Facebook, X (formerly Twitter), Instagram, and LinkedIn are popular targets for phishing attacks. These platforms provide attackers with a vast pool of potential victims and the ability to create fake accounts that mimic legitimate companies. Attackers often use social media platforms to gather information about their targets, such as their interests, hobbies, and personal details. This wealth of information allows them to craft more convincing phishing attempts, increasing their chances of success.

Common tactics used

Attackers use various tactics to trick social media users into revealing sensitive information. Some common tactics include:

  • Creating fake social media accounts that mimic legitimate companies, often with slight variations in the name or handle.

  • Sending direct messages or comments that appear to be from a customer service representative, offering help or solutions to problems.

  • Asking users to provide personal details, such as usernames, passwords, or financial information, under the guise of verifying their identity or resolving an issue.

  • Using fake profiles to lure users into providing sensitive information by pretending to be someone they know or trust.

  • Creating fake social media accounts that appear to be from a company’s customer support team, complete with logos and branding to make them look authentic.

Shielding against angler phishing

It can be tricky to see through the hackers’ act - we do, however, have a few tips and indicators you can look for when you’re online:

  • Verify the authenticity: Be cautious and confirm the legitimacy of any accounts you interact with. Try to figure out when an account was created, look for how many friends/followers they have and how many posts they have on their account.

  • Direct confirmation: Verify a customer service representative’s identity when they approach you by contacting the business via authorized channels. This extra step could take some time, but it guarantees that you are speaking with an actual employee.

  • Beware of links: Be careful when clicking links that are sent to you by strangers, especially in e-mails and direct messages. You can always say that you won’t click the link since you don’t know the person, and your cybersecurity is very important to you. If you’re dealing with a genuine employee, they will try to offer you an alternative to clicking the link - whereas a fraudster will often try to convince you to click it.

  • Flagging fraud: Report fake accounts and suspicious profiles to the respective social media platforms. It might help others avoid falling for the same scam. Use the reporting features offered by the platforms for a fast and easy reporting process.

Verify the company account

To avoid falling victim to phishing attacks on social media platforms, it is essential to verify the authenticity of company accounts. Here are some steps you can take:

  • Check the company’s official website to see if they have a social media presence and if they list their official social media handles.

  • Look for the “verified” checkmark on the company’s social media profile, which indicates that the platform has confirmed the account’s authenticity.

  • Check the company’s social media profile for spelling mistakes or inconsistencies in the branding, as these can be red flags for fake accounts.

  • Be cautious of social media accounts that have been created recently or have very few followers, as these are often signs of fake accounts.

  • Contact the company directly through their official website or customer service channels to verify the authenticity of their social media account before engaging with them.

By following these steps, you can protect yourself from phishing attacks on social media platforms and ensure that you are interacting with legitimate company accounts.
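
Several of the checks above can be automated. The following Python example is an addition to this post, not code from the original author: it flags handles that sit within a small edit distance of an official one (the “@goggle-support” case mentioned earlier) and applies the verification, account-age and follower checks. The allowlist entry, the `Account` fields and the 90-day and 1,000-follower thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Constructed allowlist; in practice copy the handles listed on the company's own website.
OFFICIAL_HANDLES = {"google-support"}  # placeholder value, not a statement about a real account
# Undo common digit-for-letter swaps and drop separators before comparing.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": "", "_": "", ".": ""})

@dataclass
class Account:  # hypothetical record of what a profile page shows
    handle: str
    verified: bool
    created: date
    followers: int

def normalize(handle: str) -> str:
    """Lowercase, strip '@' and separators, map look-alike digits to letters."""
    return handle.lower().lstrip("@").translate(SWAPS)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def red_flags(acct: Account, today: date,
              min_age_days: int = 90, min_followers: int = 1000) -> list[str]:
    """Return the warning signs that apply (thresholds are assumed values)."""
    exact = acct.handle.lower().lstrip("@")
    if exact in OFFICIAL_HANDLES:
        return []  # handle matches the official list exactly
    flags = ["handle not on official list"]
    for official in OFFICIAL_HANDLES:
        if edit_distance(normalize(exact), normalize(official)) <= 2:
            flags.append(f"look-alike of @{official}")
    if not acct.verified:
        flags.append("not verified")
    if (today - acct.created).days < min_age_days:
        flags.append("recently created")
    if acct.followers < min_followers:
        flags.append("few followers")
    return flags
```

A look-alike match is the strongest signal here: an unrelated account can be new and small for innocent reasons, but a near-copy of an official support handle rarely is.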

Responding to victimization

If you’ve become a victim of an angler phishing attack - or any other type of cyber attack - you should act as soon as you discover the attack. Angler phishing is just one of many social media scams that users need to be aware of. Reset your passwords to your accounts, and notify the involved parties; this can be your bank if your bank details have been compromised, your e-mail service provider or any other relevant organization.

Angler phishing serves as proof of the constantly changing strategies used by cybercriminals and emphasizes the importance of being aware and cautious online. You can improve your digital defenses and thwart the schemes of cybercriminals by understanding the methods they use in these social media-based attacks, spotting potential warning signs, and acting quickly.

You can navigate the connected world of social media with resiliency and confidence by being cautious and by looking for the signs of malicious actors on the loose.

This post has been updated on 28-01-2025 by Sarah Krarup.

Author Sarah Krarup

Sarah studies innovation and entrepreneurship with a deep interest in IT and how cybersecurity impacts businesses and individuals. She has extensive experience in copywriting and is dedicated to making cybersecurity information accessible and engaging for everyone.
