AiTM Phishing - New Wave Targets TikTok Business Accounts
Basically, scammers are tricking TikTok Business users in order to steal their accounts and money.
A new phishing campaign is targeting TikTok Business accounts, aiming to hijack them for malicious advertising. This poses a serious risk to businesses, leading to credential theft and financial loss. Stay vigilant and protect your accounts from these scams.
What Happened
A new wave of Adversary-in-the-Middle (AiTM) phishing attacks is targeting TikTok Business accounts. Researchers from Push Security have uncovered these phishing pages designed to hijack accounts for malvertising. This campaign mirrors tactics seen in previous Google-themed scams, using fake pages to deceive users.
Attackers create newly registered domains that redirect victims from legitimate sites to these phishing pages. Once on the page, users are prompted to enter their credentials, which the attackers then capture. The phishing pages are cleverly disguised as TikTok and Google services, making them appear legitimate to unsuspecting users.
Who's Affected
Businesses using TikTok for advertising are the primary targets of this phishing wave. When attackers gain access to a TikTok Business account, they can run malicious ads, steal sensitive information, and engage in ad fraud. This not only compromises the account but can also impact the associated Google accounts, leading to broader data theft and financial loss.
The rapid creation and deployment of these phishing pages make it challenging for organizations to defend against these attacks. The use of Cloudflare for hosting adds another layer of complexity, as it helps mask the malicious intent of these sites.
What Data Was Exposed
Once compromised, attackers can access a range of sensitive data, including login credentials for TikTok and potentially linked Google accounts. This data can be exploited for various malicious activities, including running fraudulent advertising campaigns and distributing malware.
The report by Push Security highlights that the Indicators of Compromise (IoCs) for this campaign are short-lived. This means that by the time organizations identify and respond to the threat, the attackers may have already switched to new domains, making it harder to track and mitigate the risks.
What You Should Do
To protect against these types of phishing attacks, users should be vigilant when clicking on links, especially those that appear to come from trusted platforms. Here are some steps to enhance your security:
- Verify URLs: Always check the URL before entering any credentials. Look for signs of legitimacy.
- Enable Two-Factor Authentication: Adding an extra layer of security can help protect your accounts even if credentials are compromised.
- Educate Employees: Regular training on recognizing phishing attempts can significantly reduce the risk of falling victim to these scams.
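The "Verify URLs" step can be automated for sign-in links. The following is an added example, not code from Push Security or the original report: because the campaign's domains are short-lived, it checks the hostname against an allowlist rather than a blocklist. The `TRUSTED_DOMAINS` set, the function name and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the registrable domains this organisation signs in on.
# Narrow this to the exact login hosts you actually use.
TRUSTED_DOMAINS = {"tiktok.com", "google.com"}
BRANDS = {d.split(".")[0] for d in TRUSTED_DOMAINS}


def login_host_verdict(url: str) -> str:
    """Classify a sign-in URL as 'trusted', 'suspicious' or 'untrusted'."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return "untrusted"
    # .hostname is lower-cased and excludes userinfo and port.
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https" or not host:
        return "untrusted"
    # "https://ads.tiktok.com@portal.example/" really loads portal.example.
    if parts.username is not None:
        return "suspicious"
    # Internationalised hosts can hide homoglyphs of the brand name.
    if not host.isascii() or "xn--" in host:
        return "suspicious"
    # Match whole DNS labels: the leading dot stops a constructed host
    # such as "nottiktok.com" from passing a plain suffix test.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    # Brand name elsewhere in the host is a lookalike signal.
    if any(b in host for b in BRANDS):
        return "suspicious"
    return "untrusted"


if __name__ == "__main__":
    # Constructed sample URLs (.example is a reserved TLD).
    for sample in (
        "https://ads.tiktok.com/business/",
        "https://tiktok.com.business-login.example/",
        "https://ads.tiktok.com@portal.example/login",
    ):
        print(sample, "->", login_host_verdict(sample))
```

Only a "trusted" verdict means the host belongs to an allowlisted domain; both other verdicts mean credentials should not be entered.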
By understanding the tactics used in these phishing campaigns, businesses can better prepare themselves against potential threats.
Security Affairs