Don’t Let Angler Phishing Lure Your Customers into a Trap

Share with your network!

Fraudsters create fake social media accounts for many reasons. They may want to use your brand’s popularity to distribute malware, ads, pornography, or hate speech. Alternatively, they might want to protest or embarrass your brand. Fake accounts are never good for your company or your customers, but the most harmful fake accounts are those created to launch phishing attacks against your followers.

This type of fraud is on the rise. In 2016 Proofpoint has already seen a 150% increase in social media phishing attacks when compared to the same period last year. In particular, we’ve seen an increase in a dangerous new variation called angler phishing.


What is angler phishing?

This attack is named after the anglerfish, which uses a bioluminescent lure to entice and attack smaller prey. In this case, the glowing lure is a fake customer support account that promises to help your customers but secretly steals their credentials instead.


How does it happen?

Fraudsters create highly convincing fake customer service accounts and then monitor social media channels for customer support requests. Angler phishing hackers often wait to strike on evenings or weekends when your brand is less likely to monitor social media interactions. When the hacker sees a customer contact your brand, they hijack the conversation by responding directly to that customer using their fake support page. You can see an example of a hijacked conversation below. 





The fraudsters are looking for any tweet or post that mentions the brand “Major Bank”. Even though John Smith tweeted his request to @majorbank, the hackers were able to intercept his tweet and respond using their fake account @askmajorbank. The link in the fraudulent response will lead John to a perfect replica of the bank’s login page. There the hackers can steal his online banking credentials, ATM pin, security questions and answers, and more.


Who is at risk?

Fraudulent customer support accounts are a problem for any business that provides customer service on social media. However, 2016 research from the Anti-Phishing Working Group shows that more than 75% of phishing attempts target financial service and ecommerce organizations to steal banking credentials and make fraudulent purchases.


How can I stop angler phishing attacks?

The first step in preventing angler phishing attacks is account discovery. But it is ineffective to manually search for fraudulent accounts that can be created and taken down in a matter of hours or even minutes. Proofpoint’s automated account discovery tool monitors the social universe around the clock and will notify you as soon as anyone creates a new account using your brand.

It is also important to safeguard your social media interactions with your customers. Our Angler Phish Protection solution can notify you when a fraudulent account contacts one of your customers. We can even facilitate the fraudulent account takedown process.

To learn more about how you can protect your customers and your brand, visit