Cofense researchers have discovered a new phishing campaign that uses TikTok URLs to redirect users to malicious websites.
Attackers are sending deceptive emails claiming all user messages will be deleted, aiming to steal Microsoft Office 365 credentials. While using popular social media platforms for phishing is not new, TikTok’s involvement is unique.
By exploiting the platform’s trust and redirecting users through seemingly legitimate URLs, attackers bypass suspicion and increase the likelihood of victims falling for the scam, which highlights the ever-evolving tactics of phishing campaigns and the importance of online vigilance.
The threat actor employs a social engineering tactic to deceive the user into clicking a malicious link. The email, disguised as an urgent Office 365 alert, falsely claims that the user’s emails are scheduled for deletion and must be canceled immediately.
To heighten urgency, the email uses fear-inducing language and impersonates the user’s IT department. However, the sender’s email address is fraudulent, originating from a different domain.
The email contains a conspicuous call-to-action button that contrasts with the rest of the message but is visually simple. The button links to a TikTok domain, an unexpected destination for an Office 365 notice and a clear indicator of a phishing attempt.
The phishing attack begins with a malicious link that redirects users through multiple websites before ultimately leading them to a fraudulent Microsoft login page.
The page mimics the legitimate Microsoft login interface, including autofilling the user’s email address, to deceive users into believing they are on a genuine site, which exploits Microsoft’s widespread use as an email provider.
The phishing page also includes a help section with a link and a phone number for assistance; both redirect back to the phishing page, further enhancing its apparent legitimacy. The whole page is designed to trick users into entering their login credentials.
According to Cofense, the campaign leverages TikTok’s widespread popularity to bypass user suspicion and to convince recipients that the urgent messages come from legitimate sources.
By impersonating company IT departments, threat actors exploit both user trust and the fear of data loss. Such campaigns, which typically involve unfamiliar URLs and sender addresses from unexpected domains, highlight the evolving nature of cyber threats and underscore the importance of vigilant online behavior to guard against them.
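The indicators the article lists (an IT-department or Office 365 impersonation sent from an unrelated domain, urgency language about message deletion, and a call-to-action link pointing at a social-media domain instead of the impersonated brand) can be turned into a simple mail-triage heuristic. The following Python script is an added example written for this page, not code from Cofense or from the report; the sample messages, the list of brand domains, the threshold and the `registrable()` helper are constructed assumptions for illustration, and the TikTok URL path in the sample is a placeholder rather than a real redirect.

```python
"""Heuristic triage for the lure pattern described in the article.

Flags a message when at least two of three indicators are present:
  1. it claims to be Office 365 / the IT department but the sender's domain is
     neither the recipient's domain nor a known Microsoft domain,
  2. it uses urgency / data-loss language (deletion, immediately, cancel, urgent),
  3. its call-to-action link points at a social-media platform (TikTok here).
Sample messages, domain lists and the threshold are constructed for this example.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed set of domains a genuine Office 365 notification could come from.
BRAND_DOMAINS = {"microsoft.com", "office.com", "office365.com"}
# Social platforms used as a redirect hop; the article names TikTok.
SOCIAL_REDIRECT_HOSTS = {"tiktok.com"}
URGENCY_PATTERNS = [r"\bdelet(?:e|ed|ion)\b", r"\bimmediately\b", r"\bcancel\b", r"\burgent\b"]
BRAND_CLAIM_RE = re.compile(r"office\s*365|microsoft|it department|it support", re.I)
LINK_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)


def registrable(host):
    """Crude registrable-domain helper: last two labels. Adequate for the
    sample data; a production tool would use the public suffix list."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def domain_of(address):
    return registrable(address.rsplit("@", 1)[-1]) if "@" in address else ""


def score_message(raw):
    """Return the list of indicator findings for one RFC 822 message."""
    msg = message_from_string(raw)
    body = msg.get_payload()  # samples are single-part text
    from_header = msg.get("From", "")
    text = "\n".join([msg.get("Subject", ""), from_header, body])
    findings = []

    # 1. Brand/IT-department claim with a sender outside the expected domains.
    claims_brand = BRAND_CLAIM_RE.search(text) is not None
    sender_domain = domain_of(parseaddr(from_header)[1])
    recipient_domain = domain_of(parseaddr(msg.get("To", ""))[1])
    expected = BRAND_DOMAINS | ({recipient_domain} if recipient_domain else set())
    if claims_brand and sender_domain not in expected:
        findings.append(f"claims Office 365/IT but sent from '{sender_domain}'")

    # 2. Urgency and data-loss pressure (two or more distinct patterns).
    hits = [p for p in URGENCY_PATTERNS if re.search(p, text, re.I)]
    if len(hits) >= 2:
        findings.append(f"urgency language ({len(hits)} patterns)")

    # 3. Call-to-action link hosted on a social platform inside a brand lure.
    for url in LINK_RE.findall(body):
        host = registrable(urlparse(url).hostname or "")
        if claims_brand and host in SOCIAL_REDIRECT_HOSTS:
            findings.append(f"brand lure links to social platform '{host}'")
    return findings


def classify(raw, threshold=2):
    """'suspect' when at least `threshold` indicators fire, else 'ok'."""
    findings = score_message(raw)
    return ("suspect" if len(findings) >= threshold else "ok", findings)


# Constructed sample resembling the lure in the article (placeholder URL path).
PHISH = """From: IT Department <alerts@example-notify.net>
To: jane.doe@corp.example
Subject: Urgent: your mailbox messages are scheduled for deletion

Your Office 365 messages will be deleted within 24 hours.
Cancel the deletion immediately: https://www.tiktok.com/@placeholder-redirect
"""

# Constructed benign internal message for contrast.
BENIGN = """From: Jane Manager <jane.manager@corp.example>
To: jane.doe@corp.example
Subject: Lunch next week

Let's meet Tuesday. Agenda: https://intranet.corp.example/lunch
"""

if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("BENIGN", BENIGN)):
        verdict, why = classify(raw)
        print(f"{name}: {verdict} {why}")
```

The three checks are deliberately independent so that an analyst can see which indicator fired; requiring two of them keeps a lone internal "please delete old mail" reminder from being flagged.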