Security News > 2021 > November > Phishing Scam Aims to Hijack TikTok ‘Influencer’ Accounts

A recently discovered phishing scam tried to takeover more than 125 high-profile user accounts on TikTok.

Researchers at cloud email security provider Abnormal Security detected the scams that attempted to take over people's accounts by sending emails impersonating TikTok and asking users to verify their log-in information.

Each target had large-volume TikTok accounts "Of all kinds and across disparate locales," according to a Tuesday report authored by Abnormal Security.

Researchers turned the attackers' tactics back on them, impersonating influencers by responding to the phishing email, which garnered an email response containing shortened link titled "Confirm My Account" that directed researchers to a WhatsApp chat conversation, she explained.

"Within the WhatsApp conversation, we were asked to verify the phone number and email address linked to the targeted TikTok account," Chouinard wrote.

Communications with attackers ceased after that because attackers likely checked the TikTok account researchers used, which would show that "Our audience engagement was below par," Chouinard wrote.

News URL

https://threatpost.com/phishing-scam-tiktok-influencer/176391/