Phishing is one of the most present and dangerous threats on the net. As we know, it is the method that hackers use to steal users’ passwords and credentials. Common sense is very important to avoid being victims. Now there are different varieties. In this article we are going to explain what Angler Phishing is and what we can do to avoid being victims. We will give some tips for this.
What is Angler Phishing
Angler Phishing has a similar objective to that of traditional Phishing, although it uses different methods to do so. As we know, the most common phishing attacks come through email. Basically it consists of receiving an e-mail that supposedly comes from an official company or organization, but in reality behind it there is an attacker.
The goal is for the victim to click on that link and go to a page that has been modified to steal the data. For example, it is common to find a form to log in. However, when doing so, the data will go to a server controlled by the attackers.
For its part, Angler Phishing has a similar objective, but in this case, instead of email, it uses social networks . They create a page, a profile, that simulates being from a legitimate company, organization or person. But of course, actually behind that account there is a hacker who has simply released the hook to fish.
Cyber criminals take advantage of the fact that companies and organizations increasingly use social networks to stay in touch with their users, promote themselves, etc. So thanks to this they can capture the victim’s attention. They pose as the official profile of a company and can request personal data from users, obtain information, send links to log in, etc.
We already know that many users use companies’ social media profiles to make complaints, obtain information or resolve their doubts. Of course, sometimes users do not verify if that really is the official profile. They may be giving your data to a cyber criminal who can use it to send targeted advertising, include it in a spam list, sell it to third parties …
Take, for example, a company selling electronic devices. The bait may be a spectacular offer to purchase a certain product. The victim believes that this profile, that advertisement or link that they are seeing is really legitimate and belongs to an official profile. Ask, look for information, and they ask you to give your data. They may offer you a link to fill out a form, etc.
Once that happens the process is similar to traditional Phishing: the data, passwords and any information that we put go to a server controlled by hackers.
How to avoid becoming victims of Angler Phishing
To avoid being victims of this scam through social networks, the most important thing is common sense . It is essential that we never deliver our data when browsing the network, or when using social networks, even if we believe that we are facing a legitimate profile. It is always necessary to correctly verify the web page that we visit, the services and platforms that we use.
It is also important that we do not expose our data more than the account. Otherwise they could use these false profiles to contact us and ask us for more data and information. In this way they could win our trust and deceive us.
On the other hand, it never hurts to use security tools to protect our equipment and also keep systems updated correctly. Sometimes vulnerabilities arise that are exploited by hackers to put our computers at risk. It is vital to install the latest patches.
We leave you an article with some tips to maintain security on social networks . There we talk about what we have to do to avoid being victims of problems that affect our accounts.
