Fraud · HIGH

Fraud Alert - TikTok for Business Accounts Targeted

Tags: TikTok, phishing, malvertising, Google SSO, Push Security

Basically, scammers are tricking TikTok for Business users into giving up their login details.

Quick Summary

A new phishing campaign is targeting TikTok for Business accounts, risking sensitive data and security. Users should be vigilant against suspicious links and verify domains before entering credentials. Protect your accounts by using passkeys and reporting any suspicious activity.

What Happened

A new phishing campaign is specifically targeting TikTok for Business accounts. This campaign is particularly dangerous as it employs tactics that prevent security bots from analyzing the malicious pages. The attackers are leveraging the high potential for abuse associated with TikTok Business accounts, which can be exploited for malvertising, ad fraud, and spreading malicious content.

The campaign has been linked to previous attacks that targeted Google Ad Manager accounts. This connection suggests a pattern of targeting platforms with significant advertising capabilities, making them attractive to cybercriminals. The phishing pages are hosted on Cloudflare and are designed to look legitimate, which increases the likelihood of victims falling for the scam.

Who's Being Targeted

Business accounts on TikTok are the primary targets of this phishing campaign. These accounts are appealing to attackers due to their perceived legitimacy and extensive reach. Users who log into TikTok using Google's single sign-on (SSO) service are particularly at risk. If compromised, both their TikTok and Google accounts could be hijacked simultaneously, allowing attackers to exploit both platforms for malicious purposes.

The phishing strategy involves luring users to fake pages that impersonate TikTok and Google Careers. By requesting basic information first, the attackers can validate the victim's business email address before leading them to a fake login page designed to capture credentials.

Signs of Infection

Victims may encounter suspicious invites or job offers that lead to these phishing pages. The malicious domains are crafted to mimic legitimate services, making it difficult for users to identify them as threats. Once on the phishing page, users are prompted to enter their credentials, which are then captured by the attackers.

It's crucial for users to be aware of the signs of phishing, such as unusual URLs or requests for sensitive information. The use of two-factor authentication (2FA) does not guarantee safety: because the phishing page acts as a reverse proxy that relays the real login flow, attackers can capture the 2FA code or session along with the password and hijack the account anyway.

How to Protect Yourself

To safeguard against this phishing threat, users should adopt several best practices. Always verify the legitimacy of links before clicking, especially those received from unknown contacts. Checking the domain is essential; if it looks suspicious, avoid entering any credentials.

Additionally, using passkeys can enhance security for valuable accounts. Users should remain cautious and report any suspicious activity to TikTok or their email provider. By staying informed and vigilant, users can better protect themselves from falling victim to this phishing campaign.
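To show why passkeys hold up against the reverse-proxy technique described above while passwords plus 2FA do not, here is an added Python example (not from the article, and not TikTok's or Google's code) that models the two WebAuthn checks binding a passkey to its origin: the browser-side rpId rule and the relying party's origin and challenge check on clientDataJSON. The rpId, origins, lookalike host and challenge are assumed or constructed values, and the cryptographic signature verification is omitted.

```python
import json
from urllib.parse import urlsplit

# Assumed/constructed values for illustration only.
RP_ID = "tiktok.com"                               # assumed relying-party ID
EXPECTED_ORIGIN = "https://ads.tiktok.com"         # assumed legitimate login origin
PROXY_ORIGIN = "https://ads-tiktok-login.example"  # constructed lookalike proxy host


def rp_id_allowed_for_origin(rp_id: str, origin: str) -> bool:
    """Browser-side rule: the rpId must equal the page's host or be a
    registrable suffix of it, so a page served from another host cannot
    ask the authenticator for a passkey registered for rp_id."""
    host = urlsplit(origin).hostname or ""
    return host == rp_id or host.endswith("." + rp_id)


def make_client_data(origin: str, challenge: str) -> bytes:
    """Constructed stand-in for the clientDataJSON the browser produces;
    the origin field is filled in by the browser, not by the page."""
    payload = {"type": "webauthn.get", "challenge": challenge, "origin": origin}
    return json.dumps(payload).encode()


def verify_client_data(client_data_json: bytes, expected_origin: str,
                       expected_challenge: str) -> bool:
    """Server-side checks a relying party performs on clientDataJSON before
    it even evaluates the signature. A reverse proxy relays the genuine
    challenge, but it cannot change the origin the browser recorded."""
    data = json.loads(client_data_json)
    return (data.get("type") == "webauthn.get"
            and data.get("challenge") == expected_challenge
            and data.get("origin") == expected_origin)


def simulate_login(origin_seen_by_browser: str, challenge: str) -> bool:
    """True only if both the browser-side and the server-side checks pass."""
    if not rp_id_allowed_for_origin(RP_ID, origin_seen_by_browser):
        return False  # browser refuses to use the passkey on this host
    client_data = make_client_data(origin_seen_by_browser, challenge)
    return verify_client_data(client_data, EXPECTED_ORIGIN, challenge)


if __name__ == "__main__":
    chal = "constructed-challenge-123"  # constructed; real challenges are random bytes
    print("legitimate origin:", simulate_login(EXPECTED_ORIGIN, chal))  # True
    print("proxied lookalike:", simulate_login(PROXY_ORIGIN, chal))     # False
```

The same relayed challenge passes on the real origin and fails on the proxy, which is the property a relayed password and 2FA code lack.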

🔒 Pro insight: This campaign highlights the increasing sophistication of phishing tactics, especially targeting high-value accounts like those on TikTok for Business.

Original article from BleepingComputer · Bill Toulas
