TikTok Shop faces surge in crypto phishing scams

A phishing campaign called “ClickTok” is targeting TikTok Shop users with fake domains, discounted products, and Tether payment scams.

A phishing campaign called “ClickTok” is targeting TikTok Shop users with fake domains, discounted products, and Tether payment scams.

Cybercriminals are increasingly targeting TikTok Shop users through a phishing and malware campaign known as ‘ClickTok‘. The scheme uses fake Meta ads and AI-generated TikTok videos imitating influencers to lure victims to fraudulent domains resembling real sites.

These domains are used to steal credentials and distribute trojanised applications. More than 10,000 fake sites have been identified, luring shoppers with heavily discounted products and urgency tactics such as countdown timers.

Victims are prompted to make payments in Tether, allowing scammers to exploit the irreversible nature of cryptocurrency transactions. The fraudulent storefronts are designed to appear convincing, encouraging rash purchases.

TikTok Shop affiliate members are also being targeted with advance fee scams. Criminals pose as TikTok affiliates on WhatsApp and Telegram, convincing victims to deposit funds into bogus wallets in exchange for fake commission payments.

The report warns that the younger demographic on TikTok, particularly those aged 18 to 34, may be more vulnerable to such schemes. The trend shows scams shifting from Facebook and X to new e-commerce platforms.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot