TikTok links are being used to hijack Microsoft accounts
Hackers have apparently found a way to abuse TikTok URLs in phishing attacks
Hackers are using TikTok in new phishing attacks as they attempt to steal people’s Microsoft Office 365 credentials, a new report from Cofense has warned.
The company's researchers detected someone sending out phishing emails threatening victims that all of their emails will be deleted unless they press a button. What’s new about this campaign is that the button actually leads to TikTok.
To make the attack work, the attackers employ TikTok URLs. A TikTok URL usually appears in the bios of a profile that has links to external websites, the researchers explained - so therefore, the TikTok URL can redirect the visitor to whatever site the profile holder chooses.
Spotting the scam
If the phishing email recipient does not spot the trick and clicks the button in the message, they will be sent through a number of redirects, ultimately landing on a web page that looks like a Microsoft 365 login site, with the company logo and all. The malicious site even autofills the user’s email address in order to improve legitimacy.
However, since this is a fake website, controlled by the attackers, any information - including passwords - submitted there, go straight to the hackers.
The use of TikTok URLs may be novel, but the overall methodology does not differ much from what we’re used to seeing. The email still comes from a completely unrelated domain. It is still full of grammar and spelling mistakes. Finally, the URL of the landing page does not even come close to resembling a Microsoft domain.
Therefore, spotting the attack should not be too difficult - it only takes being a little mindful of the emails coming in, and not trusting everything in the inbox.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
- An ID verification service for TikTok, Uber and X reportedly left its credentials open for a year
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.