A recently discovered phishing scam tried to takeover more than 125 high-profile user accounts on TikTok. Researchers said the campaign marks one of the first major attacks on “influencers” found on the TikTok social-media platform. Researchers at cloud email security provider Abnormal Security detected the scams that attempted to take over people’s accounts by sending emails impersonating TikTok and asking users to verify their log-in information. The campaign, tracked on Oct. 2 and Nov. 1, was sent to individuals worldwide. Each target had large-volume TikTok accounts “of all kinds and across disparate locales,” according to a Tuesday report authored by Abnormal Security. “Among the typical talent agencies and brand-consultant firms we would expect to see, this actor sent messages to social media production studios, influencer management firms, and content producers of all types,” Rachelle Chouinard, a threat intelligence analyst at Abnormal Security, wrote in the report. Impersonation Game The emails tried to dupe users into sending their log-in information to the threat actors in one of two ways, each of which required further action from the target. In both cases attackers pretended to be contacting users from TikTok, which is owned by Chinese company ByteDance. One of the emails sent in the campaign informed the user that his or her account violated TikTok’s copyright and asked the user to reply to the email to verify the account, threatening to remove the account in…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-11-17 08:44:002021-11-17 08:44:00Phishing Scam Aims to Hijack TikTok ‘Influencer’ Accounts
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com