1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • TikTok influencers are being targeted by this dangerous new phish

    From TechnologyDaily@1337:1/100 to All on Thu Nov 18 16:30:04 2021
    TikTok influencers are being targeted by this dangerous new phishing threat

    Date:
    Thu, 18 Nov 2021 16:08:48 +0000

    Description:
    TikTok account becoming increasingly valuable, incentivising scammers to ransom them back to the original owners.

    FULL STORY ======================================================================

    Cybersecurity researchers have chanced upon a new phishing campaign that targets high-profile content creators on TikTok in order to wrest control of their account for nefarious purposes.

    Discovered by Abnormal Security, the scam involves two ploys. In one the scammers impersonate TikTok employees, and threaten the recipient with imminent account deletion due to an alleged violation of the platform's
    terms.

    In the other scam, the attackers bait the TikTok users with the offer of a Verified badge, which brings with it additional credibility and increased exposure. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Takeover or extortion?

    According to Abnormal, irrespective of the bait, the scammers invite recipients to click a link to proceed further.

    The link redirects them to a WhatsApp chat room, where the scammer, impersonating as a TikTok employee, asks the content creators for details to log into their account, including the one-time password (OTP) to bypass the platforms multi-factor authentication ( MFA ).

    In their breakdown of the scam, Abnormal notes that theyve spotted two activity peaks while monitoring the distribution of emails in this campaign, one on October 2, 2021, and the other on November 1, 2021.

    Since the researchers could get the scammer to take over their account, they are unclear as to the end goal of the scammers. Based on similar phishing campaigns on other social networking platforms, the researchers believe that the attackers could perhaps take over the account to force the owners to pay
    a ransom.

    Social media platforms explicitly state in their terms of service that they bear no responsibility for any data loss and advise users to store all
    account material externally.And so even if the ransom payment is paid, there may be no regaining access to your social media accountscosting those who depend on it for their income to lose their entire livelihood in one swoop, warns Abnormals Threat Intelligence Analyst, Rachelle Chouinard.

    Make sure you protect yourself online with these best identity theft protection services and use these best security keys to add another layer to safeguard your accounts



    ======================================================================
    Link to news story: https://www.techradar.com/news/tiktok-influencers-are-being-targeted-by-new-ph ishing-threats/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)