Scams & Phishing News TikTok for Business accounts targeted in new phishing campaign

Parkinsond

Parkinsond

Level 62
Thread author
Verified
Well-known
Dec 6, 2023
5,188
14,807
6,069
Content source
https://www.bleepingcomputer.com/news/security/tiktok-for-business-accounts-targeted-in-new-phishing-campaign/
Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages.

TikTok Business accounts may be targeted due to their high potential for abuse in malvertising campaigns, ad fraud, and the distribution of malicious content.

The initial link redirects via a legitimate Google Storage URL, blocks bots using a Cloudflare Turnstile check, and then redirects to the malicious pages.

The domains feature similar names, and are all hosted on the same Google Storage bucket:

welcome.careerscrews[.]com
welcome.careerstaffer[.]com
welcome.careersworkflow[.]com
welcome.careerstransform[.]com
welcome.careersupskill[.]com
welcome.careerssuccess[.]com
welcome.careersstaffgrid[.]com
welcome.careersprogress[.]com
welcome.careersgrower[.]com
welcome.careersengage[.]com
welcome.careerscrews[.]com
Click to expand...

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

Safeweb

safeweb.norton.com safeweb.norton.com
The malicious pages impersonate TikTok for Business and Google Careers “Schedule a Call” pages, requesting visitors to enter basic information in a form to validate they’re using a business email address.
Click to expand...

www.bleepingcomputer.com

TikTok for Business accounts targeted in new phishing campaign

Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages.
www.bleepingcomputer.com www.bleepingcomputer.com
Click to expand...
 

Attachments

  • Capture.JPG
    Capture.JPG
    84.1 KB · Views: 32
  • Capture2.JPG
    Capture2.JPG
    19 KB · Views: 34
  • Like
Reactions: Zero Knowledge and Brownie2019

You may also like...