A new phishing campaign targeting TikTok users has been detected. The scammers' goal was to take over the accounts of more than 125 high-profile users of the platform. This is believed to be the first major phishing attack aimed at TikTok influencers.
TikTok Phishing Campaign Explained
The phishing emails were sent out in two rounds, on October 2, 2021, and November 1, 2021, according to Abnormal Security. At least 125 individuals and businesses were targeted. “Among the typical talent agencies and brand-consultant firms we would expect to see, this actor sent messages to social media production studios, influencer management firms, and content producers of all types,” the report said. Many of the email addresses used in the campaign were taken directly from social media profiles. In some cases, the scammers hit the wrong company, one with the same name and in the same country as the intended target.
The way the campaign was orchestrated and conducted suggests that the scammers correlated targets' TikTok accounts with their profiles on other social networks such as Facebook and Twitter. Facebook users have been targeted by similar phishing scams. The initial phishing email was designed to look like a copyright-violation notice from TikTok, instructing the victim to respond to the message or have their account deleted within 48 hours.
The researchers replied to the phishing email, and the attackers took up the conversation. The response they received contained a shortened link labelled “Confirm My Account,” which redirected to a WhatsApp chat. In that chat, the researchers were asked to verify the phone number and email address linked to the targeted TikTok account.
The next demand was to prove ownership of the account by handing over the six-digit verification code that had already been delivered to the researchers' phone. Relaying such a code to a third party gives away the second factor, which is how attackers bypass SMS- or email-based multi-factor authentication without ever touching the authentication system itself. The conversation ended when the attackers realized that the TikTok account the researchers used had low audience engagement. “Unfortunately, we could not locate any influencers who would let us use their account for this experiment,” the researchers noted.
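To make the MFA-bypass mechanism concrete, here is a constructed simulation (added for this article; it is not code from Abnormal Security, TikTok, or the attackers, and it does not model TikTok's real login flow). The first half shows why a one-time code is defeated the moment the victim reads it out over WhatsApp: the service accepts the code from whoever presents it. The second half shows an origin-bound credential in the style of WebAuthn, where the authenticator signs the origin it is actually talking to, so a code or signature relayed through an attacker-controlled channel fails verification. All names (`OtpService`, `OriginBoundService`, `Authenticator`, the `service.example` origin) are hypothetical, and an HMAC over a shared key stands in for the public-key signature a real authenticator would produce.

```python
"""Constructed simulation of OTP relay versus origin-bound MFA.

Not the campaign's code. HMAC with a shared key is used as a stand-in
for the asymmetric signature a real FIDO/WebAuthn authenticator makes.
"""
import hashlib
import hmac
import secrets


class OtpService:
    """Account service that sends a six-digit code to the owner's phone
    and accepts it back from whoever presents it (SMS/email MFA)."""

    def __init__(self):
        self.pending = {}  # account -> outstanding code

    def request_code(self, account):
        code = f"{secrets.randbelow(1_000_000):06d}"
        self.pending[account] = code
        return code  # "delivered" to the account owner's phone

    def verify(self, account, code):
        expected = self.pending.pop(account, None)
        return expected is not None and hmac.compare_digest(expected, code)


def otp_relay_attack(service, victim_account):
    """Attacker starts a login, victim reads the code out in chat,
    attacker submits it. The service cannot tell the difference."""
    delivered = service.request_code(victim_account)  # lands on victim's phone
    relayed = delivered  # victim types it into the WhatsApp "support" chat
    return service.verify(victim_account, relayed)


class OriginBoundService:
    """Service whose second factor is a signature over (challenge, origin).
    It always verifies against its own origin, never one the client names."""

    def __init__(self, rp_origin):
        self.rp_origin = rp_origin
        self.keys = {}        # account -> registered credential key
        self.challenges = {}  # account -> outstanding challenge

    def register(self, account, key):
        self.keys[account] = key

    def challenge(self, account):
        c = secrets.token_hex(16)
        self.challenges[account] = c
        return c

    def verify(self, account, signature):
        c = self.challenges.pop(account, None)
        key = self.keys.get(account)
        if c is None or key is None:
            return False
        expected = _sign(key, c, self.rp_origin)
        return hmac.compare_digest(expected, signature)


def _sign(key, challenge, origin):
    # The origin is bound into the signed message; a signature made for
    # one origin is meaningless for another.
    return hmac.new(key, f"{challenge}|{origin}".encode(), hashlib.sha256).hexdigest()


class Authenticator:
    """Victim's authenticator: signs whatever origin it is really connected to."""

    def __init__(self, key):
        self.key = key

    def sign(self, challenge, origin):
        return _sign(self.key, challenge, origin)


def origin_bound_relay_attack(service, authenticator, victim_account, attacker_origin):
    """Same social-engineering flow, but the victim's authenticator signs
    the attacker's origin, so the service rejects the relayed signature."""
    c = service.challenge(victim_account)          # attacker starts the login
    sig = authenticator.sign(c, attacker_origin)   # victim "approves" via attacker channel
    return service.verify(victim_account, sig)


def legitimate_login(service, authenticator, account):
    c = service.challenge(account)
    return service.verify(account, authenticator.sign(c, service.rp_origin))


if __name__ == "__main__":
    print("OTP relay succeeds:", otp_relay_attack(OtpService(), "influencer"))
    svc = OriginBoundService("https://service.example")
    key = secrets.token_bytes(32)
    svc.register("influencer", key)
    auth = Authenticator(key)
    print("Origin-bound relay succeeds:",
          origin_bound_relay_attack(svc, auth, "influencer", "https://attacker.example"))
    print("Legitimate origin-bound login:", legitimate_login(svc, auth, "influencer"))
```

The practical takeaway for high-value accounts is that any factor the user can read aloud can be phished by a convincing chat; only a factor bound to the genuine origin resists this lure.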
TikTok's brand has also been abused in adware campaigns, for example via the domains tiktok-news.com and tiktok-fun.com. These are browser-redirect sites that can send users on to various suspicious pages.