Date: 2021-11-17

Alert to TikTok content creators: Abnormal Security researchers have identified a new phishing campaign that targets the accounts of major content creators on the social network, such as influencers or official brand profiles.

According to a survey carried out by security firm Abnormal Security, the campaign had two peak distribution periods, the beginning of October and the beginning of November, which may indicate that new attempts will be made at the beginning of December.

The survey detected two types of approach. In the first, the email senders impersonate TikTok employees and claim that the recipient’s account will be deleted for a violation of the platform’s terms of use. In the second, the message also passes itself off as official TikTok communication, but offers the Verified seal, much sought after by creators on the social network because of the improvement it brings in the algorithm’s ranking. Offering something the target already wants is an effective strategy.

In both approaches, at the end of the message, a link is provided to supposedly request verification or prevent the account from being deleted. When clicked, a WhatsApp conversation opens, with someone posing as an employee of the social network.

The criminal then claims that, to complete the process, the victim must share their email address, telephone number and the account’s one-time use code, which allows the criminal to enter the platform once without using two-factor verification.

Finally, after acquiring the information, the criminal accesses the victim’s TikTok account and changes the login credentials.
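As a defensive illustration of the flow described above, the following added example (not code from Abnormal Security or from the original article) flags an email that claims to be from TikTok, uses one of the two lures, and links to a WhatsApp chat. The WhatsApp host list, the lure keywords, the assumption that genuine TikTok mail comes from tiktok.com or a subdomain, and the names `assess` and `body_text` are all assumptions made for this sketch.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: hosts used by WhatsApp click-to-chat and group-invite links.
WHATSAPP_HOSTS = {"wa.me", "api.whatsapp.com", "chat.whatsapp.com"}
# Assumption: illustrative keywords for the two lure themes described above.
LURES = {
    "deletion_threat": re.compile(r"\b(deleted?|deletion|violat\w+|suspen\w+)\b", re.I),
    "verified_offer": re.compile(r"\bverif(y|ied|ication)\b", re.I),
}
URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.I)

def body_text(msg):
    """Decode and join every text/* part (plain or HTML) of the message."""
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    return "\n".join((p.get_payload(decode=True) or b"").decode(
        p.get_content_charset() or "utf-8", "replace") for p in parts)

def assess(raw_email):
    """Flag mail that claims to be TikTok, uses a known lure, and links to WhatsApp."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    subject = msg.get("Subject", "")
    text = subject + "\n" + body_text(msg)
    hosts = {(urlparse(u).hostname or "").lower() for u in URL_RE.findall(text)}
    claims_tiktok = "tiktok" in (display + " " + subject).lower()
    # Assumption: genuine TikTok mail is sent from tiktok.com or a subdomain of it.
    from_tiktok = domain == "tiktok.com" or domain.endswith(".tiktok.com")
    whatsapp = sorted(hosts & WHATSAPP_HOSTS)
    lures = sorted(name for name, rx in LURES.items() if rx.search(text))
    return {"sender_mismatch": claims_tiktok and not from_tiktok,
            "whatsapp_links": whatsapp, "lures": lures,
            "suspicious": claims_tiktok and bool(whatsapp) and bool(lures)}

# Constructed sample messages (not taken from the campaign).
DELETION = ('From: "TikTok Support" <support@tiktok-helpdesk.example>\n'
            "Subject: Account violation notice\n\n"
            "Your account will be deleted for a violation of our terms.\n"
            "Contact our team: https://wa.me/15555550100\n")
BENIGN = ('From: "TikTok" <no-reply@account.tiktok.com>\n'
          "Subject: Your weekly TikTok analytics\n\n"
          "See your stats: https://www.tiktok.com/analytics\n")

if __name__ == "__main__":
    print(assess(DELETION), assess(BENIGN), sep="\n")
```

A hit from a heuristic like this is a reason to quarantine and review the message, not proof of compromise; the keyword and host lists need tuning against real mail flow.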

Purpose of phishing campaign on TikTok is not yet clear

The criminals’ purpose remains unclear, according to the survey. The researchers believe they may be looking either to steal big accounts in order to gain a large audience on the platform, or to demand ransoms from victims who want to retrieve their credentials.

Furthermore, the danger of the account being deleted is real, as TikTok’s terms of service state that any user, especially those with a large following, will be permanently suspended if they break the platform’s rules. After obtaining the access credentials, criminals may well threaten to post inappropriate content that would result in such punishment.

To prevent this scam, we recommend using strong passwords, being suspicious of strange messages and, especially, not sharing personal data via WhatsApp or any other area of the internet without first confirming the recipient’s identity.