1. Forum
  2. tqwNet
  3. TQW GENTECH

  • TikTok for Business accounts targeted in phishing campaign here'

    From TechnologyDaily@1337:1/100 to All on Friday, March 27, 2026 11:30:32
    TikTok for Business accounts targeted in phishing campaign here's how to
    stay safe

    Date:
    Fri, 27 Mar 2026 11:26:32 +0000

    Description:
    TikTok for Business users warned not to click any shady links, especially those recently registered through Nicenic.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Push Security uncovers phishing campaign targeting TikTok Business accounts Attackers use Google Storage links and
    AITM kits to steal credentials, cookies, and MFA codes Compromised accounts exploited for fraudulent ad campaigns and infostealer distribution via fake TikTok content If your business is running a TikTok account, be careful - hackers are going after your login credentials with a sophisticated phishing attack.

    A new report from Push Security outlines a campaign which most likely starts with a phishing email. Although this is not confirmed, Push found a malicious link that routes victims through a legitimate Google Storage URL to appear trustworthy, before redirecting to one of almost a dozen malicious landing pages, all registered with the same shady registrar (Nicenic International Group, allegedly commonly abused for bulk phishing domain registration). When the victim clicks the link, a Cloudflare Turnstile check is first triggered
    to block security bots, after which the victim is shown a fake landing page. This page mimics either TikTok for Business, or sometimes Google Careers.
    They are then asked to fill out a basic form (for scheduling a call, or similar), and later redirected to a fake login page. Article continues below You may like Yet another phishing campaign impersonates trusted Google services - here's what we know Watch out - that Google Tasks email could be a scam, and land you in hot water at work Hackers hijack LinkedIn comments to spread malware - here's what to look out for Stealing both TikTok and Google The login page is actually an Adversary-in-the-Middle (AITM) phishing kit acting as a reverse proxy, capturing login details and session cookies in
    real time. Furthermore, the kit also allows the attacker to steal MFA codes, work around them, and gain full access to peoples accounts.

    The problem is further exacerbated for people who use Googles single sign-on feature, since they give away access to both platforms, and allow the attackers to run fraudulent ad campaigns through their (vetted) accounts, and using their funds:

    Its worth pointing out too that many/most business users will opt to log in with Google.

    This means that anyone using Google to login to their TikTok account will effectively have both accounts used to distribute ads compromised in one go, opening up the typical Google Ad Manager exploitation playbook as well as accessing any further apps accessible via SSO for data theft and extortion, Push explained. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
    or sponsors By submitting your information you agree to the Terms &
    Conditions and Privacy Policy and are aged 16 or over.

    This has become the standard MO for attackers, in campaigns such as the Scattered Lapsus$ Hunters AITM phishing spree earlier this year, and their recent spate of device code phishing attacks. Weird choices Is TikTok a
    "weird choice" of attack? (Image credit: Future) The researchers also said that while it makes sense to target Google accounts - TikTok was a weird choice at first glance. However, knowing how TikToks been historically
    abused, with great success, changed their perspective.

    What theyre referring to is the fact that there are plenty of fake
    instruction videos on TikTok. Theyre saying that there are countless AI-generated and otherwise manipulated clips on the platform, where users are explained to to activate Windows, or turn on hidden, premium, or bonus features for Spotify, CapCut, and other apps, tools, and services. What to read next This phishing campaign spoofs internal messages - here's what we know Watch out: hackers are hijacking Microsoft Teams messages to try and get access to your emails - here's what you need to look out for Linux users targeted as crypto-stealing malware hits Snap packages - here's how to stay safe

    The descriptions of these fake instruction videos often come with download links, where victims think theyll be getting these premium tools for free. However, what theyre actually getting are infostealers - Vidar, StealC, Aura Stealer, and many others, are powerful tools that can exfiltrate login credentials, cryptocurrency wallet data, cookies and session tokens, and
    much, much more.

    One such video, Push Security says, has more than 500,000 views and more than 20,000 likes.

    Another way of abusing TikTok is to promote fake campaigns through
    influencers and other popular individuals, such as Elon Musk, or Michael Saylor. These campaigns often invite people to register accounts on
    fraudulent cryptocurrency exchanges, or otherwise invest their money into
    scam projects.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/tiktok-for-business-accounts-targeted-i n-phishing-campaign-heres-how-to-stay-safe


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)