TikTok Phishing Scams Target Influencers

With over one billion users, TikTok is a giant of social media. On the mini-video sharing app, creators who make or ride a wave can rack up millions of followers. That makes their accounts very valuable — and cybercriminals are increasingly targeting them.

Researchers at Abnormal Security have been reporting on a new phishing campaign that has targeted more than 125 leading TikTok accounts. In the campaign, influencers are sent emails claiming copyright infringement or offering verified profile status. The emails aren’t particularly well-crafted, but many people (especially those desperate for TikTok success) are at risk.

If the influencer replies to the email, the case is likely handed over to a more convincing scammer. A more professional-seeming reply is sent which directs the victim to a WhatsApp chat. The criminals then ask for the phone number and email address linked to the user’s account.

Following this, the cybercriminals will be able to hijack the account and turn a quick profit before disappearing. One route they take is to post scam content to the massive TikTok audience. Another is to ransom the account itself (creators can end up losing access to their account along with all content).

In the case of corporate targets, the attackers are also going after social media production companies — as well as talent management companies. If the influencer receives the phishing email from what appears to be one of these organizations, they will be much more likely to respond, perhaps thinking that they’ve hit the big time.

The reason these TikTok accounts are so highly prized by scammers comes down to the value of consumer trust. An account with a high level of trust gives scammers an advantage when launching malicious campaigns.

In summary, stay safe out there, TikTokers! And be wary of any emails coming in from talent agencies, or on the topic of copyright infringement and profile verification. Pay attention to the email addresses: official emails are very rarely Gmail addresses.
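The warning signs described above can be checked mechanically before anyone replies. The following is an added example, not code from Abnormal Security or from this article's source; the term lists, indicator names and the two sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed lists (not from the article's source data); tune them for your own mail flow.
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}
ORG_TERMS = ("tiktok", "talent", "management", "production")  # who the sender claims to be
LURE_TERMS = ("copyright", "infringement", "verified", "verification")
CHAT_TERMS = ("whatsapp", "wa.me")

# Constructed sample messages: first contact, then the follow-up after a reply.
PHISH = ('From: "TikTok Copyright Team" <tiktok.support.team@gmail.com>\n'
         "Subject: Copyright infringement notice for your account\n\n"
         "Your account will be removed. Reply to this email to appeal.\n")
FOLLOWUP = ('From: "Star Talent Management" <startalent.mgmt@gmail.com>\n'
            "Subject: Re: Verified profile status\n\n"
            "Please continue on WhatsApp and send the phone number and "
            "email address linked to your account.\n")

def body_text(msg):
    """Concatenate the text/plain parts of a parsed message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def triage(raw_email):
    """Return the indicators from the article that this message matches."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    claimed = f"{display} {local}".lower()
    subject = (msg.get("Subject") or "").lower()
    body = body_text(msg).lower()
    hits = []
    # An "organization" writing from a free-mail domain is the article's main tell.
    if domain in FREEMAIL and any(t in claimed for t in ORG_TERMS):
        hits.append("freemail-sender-claims-organization")
    if any(t in subject or t in body for t in LURE_TERMS):
        hits.append("lure-theme")
    if any(t in body for t in CHAT_TERMS):
        hits.append("moves-to-whatsapp")
    if "phone number" in body and "email" in body:
        hits.append("asks-account-identifiers")
    return hits
```

A message that matches the free-mail indicator together with any of the others is a candidate for quarantine or manual review rather than a reply.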
