New phishing campaign targeting Tiktok influencers Accounts
Tiktok accounts belongs to influencers, influencers management firms, brand consultants, social production studios… have been targeted by a new phishing campaign. Abnormal Security researcher Rachelle Chouinard wrote in the blog published that this phishing campaign was distributed in two rounds on October 2, 2021, and on November 1, 2021.
“From well-known digital media channels to individual actors, models, and magicians, the campaign reached out to content creators worldwide. Several emails were sent to the wrong company of the same name in the same country, and many of the email addresses used appear to have been lifted directly from social media.”
This phishing mail appears as a copyright violation notice from TikTok where the victim is instructed to respond to the mail, or the account will be deleted in 48 hours.
When replied to the threat actor will send a email link named “Confirm My Account” which directs to a WhatsApp chat conversation. There is verification is taken on the phone number and email address linked to the targeted TikTok account.
There the threat actors ask for the one-time code send to bypass Multi factor Authentication and reset the account password. Still the aim of this campaign is still clear it may be either to takeover the account or may to demand a ransom for giving back the control.
“Social media platforms explicitly state in their terms of service that they bear no responsibility for any data loss and advise users to store all account material externally. In most instances, data from deleted accounts is not recoverable by the platform. And so even if the ransom payment is paid, there may be no regaining access to your social media accounts—costing those who depend on it for their income to lose their entire livelihood in one swoop.”
Reference