Phishing attack spoofing TikTok employees, threatening to delete influencers’ accounts, and soliciting authentication badges

news

We have learned of a new phishing attack that primarily targets high-profile TikTok accounts owned by influencers.

https://abnormalsecurity.com/blog/tiktok-credential-phishing

The email attacks, which were sent to more than 125 individuals and businesses on two separate occasions on October 2 and November 1, 2021, appear to have targeted high-volume TikTok accounts in different regions. In addition to the typical talent agencies and brand consultancies, the messages were sent to actors, social media production studios, influencer management companies and content creators.

In some cases, attackers have impersonated TikTok employees, threatening recipients with imminent account deletion for allegedly violating the platform’s terms and conditions.

Other emails offer the recipient the chance to obtain a verification badge; this badge lure is considered a very effective phishing hook.

TikTok’s “Verified” badge is attractive because it gives weight to content posted by verified accounts and signals the platform’s algorithms to increase the exposure of posts from these accounts.

In both cases, the attacker urges the target to click an embedded link to verify the account.

If you click the link, you are instead redirected to a WhatsApp chat, where a scammer pretending to be a TikTok employee is waiting for you.

The scammer asks for your email address, phone number, and the one-time code needed to bypass multi-factor authentication and reset your account password.

It is unclear what the phishers ultimately intend, but they are either trying to hijack the target’s account or extort the account owner into paying a ransom to regain control.

TikTok’s terms of service make it clear that if an account, especially one with a large number of followers, violates those terms, the account will be permanently suspended or terminated.

This means an attacker can easily threaten to post something inappropriate from a hijacked account, so that the profile the owner has spent time and money building gets deleted.

If you own or manage valuable social media accounts, back up all your content and data to a safe place.

You should also always protect your account with two-factor authentication (2FA) or two-step verification, ideally using a hardware security key.

If the less secure SMS-based 2FA option is the only one available, use a private phone number that you have not given to anyone else and reserve it for this purpose only.
