Chennai: With countries across the globe mulling ban on TikTok, a popular social media app, cyber fraudsters are using this opportunity to spread fake TikTok apps to infect and scam more victims.
Recently, SonicWall Capture Labs Threat Research team identified one such fake app that tries to steal victimsā credentials from their TikTok account by showing a fake login page.
On further investigation of the domain, similar links as found under Tik Tok Beta directory are present for directories of Facebook and Instagram as well. The domain and page are similar indicating that authors behind this malware have multiple popular target apps in mind.
Debasish Mukherjee, vice-president, regional sales – APAC at SonicWall, says, “We are noticing a spike in the number of phishing attacks through malicious links and apps that hack devices and steal data of users. And fake Tik Tok app is the latest to join this bandwagon. Cybercriminals are working overtime to impact peopleās lives. Though banned in India, Tik Tok which has mass appeal does compromise data of millions of users with this kind of attack. Individuals are advised to be extremely vigilant against such unwarranted attacks.”
Those with a keen sense of observation will easily spot the phishing page but as evident from one of the pages obtained on the server, few people were duped into entering their legitimate credentials.