TikTok phishing campaign tried to scam over 125 influencer accounts

Hackers threatened to delete accounts over copyright violations

Hackers have mounted a phishing campaign intending to hijack the accounts of at least 125 influencers on the social media network.

Security researchers at Abnormal Security said the campaign, in which emails were sent in two rounds on October 2 and November 1 to more than 125 individuals and businesses, appeared to target large-volume TikTok accounts worldwide.

The victims, which included social media production studios, influencer management firms, content producers, actors, models, and magicians, were told their posts violated copyright laws and had to respond to the message or have their account deleted in 48 hours.

After replying to the first email, researchers received another email containing a shortened link titled “Confirm My Account,” which directed them to a WhatsApp chat conversation. Researchers were asked to verify the phone number and email address linked to the targeted TikTok account in that WhatsApp conversation.

Hackers pretending to be TikTok officials then asked to confirm ownership of the account by providing the six-digit code we had received. Researchers said this was one way hackers try to bypass two-factor authentication. Hackers then ended the conversation with researchers once they found out their audience engagement on TikTok was below par. 

Another email offered victims a verified badge with a link to click that would “verify” them. This also led to a WhatsApp conversation with the hackers pretending to be from TikTok.

Researchers said that while they could not identify the campaign’s goal, past targeting of social media accounts on other platforms offers several options.

Related Resource

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

2021 state of email security report: Ransomware on the rise - whitepaper from MimecastFree download

“Social media accounts have become increasingly valuable in recent years, creating the incentive to ransom them back to the original owners for a hefty fee,” said researchers.

“An underground economy has evolved to offer ban-as-a-service, manipulating abuse reporting mechanisms to harass and censor other users, primarily on Instagram.”

Researchers warned that victim accounts in this scenario often end up deleted, especially for those on TikTok.

“Social media platforms explicitly state in their terms of service that they bear no responsibility for any data loss and advise users to store all account material externally. In most instances, data from deleted accounts is not recoverable by the platform,” said researchers.

“And so even if the ransom payment is paid, there may be no regaining access to your social media accounts—costing those who depend on it for their income to lose their entire livelihood in one swoop.”

Featured Resources

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

Free download

IDC agility assessment

The competitive advantage in adaptability

Free Download

Digital transformation insights from CIOs for CIOs

Transformation pilotes, co-pilots, and engineers

Free download

What ITDMs did next - and what they should be doing now

Enable continued collaboration and communication for hybrid workers

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Iranian hackers ramp up attacks against IT services sector
hacking

Iranian hackers ramp up attacks against IT services sector

19 Nov 2021
Alibaba ECS instances targeted in new cryptojacking campaign
cryptocurrencies

Alibaba ECS instances targeted in new cryptojacking campaign

16 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021