Hackers are using fake TikTok Shops to steal money and spread malware — don't fall for this

Be wary of deals on TikTok Shops that seem too good to be true – they may be malware in disguise.

As reported by PCMag, there’s currently a campaign making the rounds online where scammers use AI to imitate TikTok sellers and stores in order to trick users into clicking on malicious links or to convince users to send them cryptocurrency.

Cybersecurity firm CTM360 issued a report that uncovered a widespread campaign where threat actors have been capitalizing on the trust that users have in the TikTok brand so that they can hijack accounts, steal money or personal data or distribute malware.

The threat actors are creating convincing replicas of TikTok Shop profiles, even including AI-generated videos, which makes users believe that they’ve landed on a legitimate page.

The campaign is also circulating ads on Facebook and TikTok in which they promise unusually large discounts on products in order to tempt victims as well as to redirect targets to fake versions of both TikTok Wholesale and TikTok Mall. CTM360 has found over 10,000 such fake URLs created to lure shoppers into giving up their login credentials, or to deposit cryptocurrency into fraudulent storefronts.

These threat actors have also leveraged the TikTok Shop affiliate management platform by creating a malicious app designed to take over accounts, steal personal information and even enable persistent device compromise. These bad apps are being distributed through embedded download links and QR codes; CTM360 says they have found more than 5,000 such download sites so far.

According to The HackerNews, the malware that is being distributed through the malicious apps is SparkKitty which can harvest data from either Android or iOS devices. Victims of the fake affiliate program will be asked to pay in cryptocurrency or to deposit money into a fake on-site wallet and given promises that they will receive future commission payouts or bonuses which, of course, are never paid out.

How to stay safe

When shopping online, it's good to follow a few hard and fast rules and the first one is always: If it seems to good to be true, it almost certainly is.

Be wary of any deals that use pressure or urgency in their tactics, making you feel like you need to act fast or putting an expiration date on a deal.

Likewise, be suspicious of any site that doesn't take traditional payment methods and instead request payments in gifts cards, cryptocurrency wallets, iffy websites or links, or want a bank account number or other banking information.

Double and triple check URLs to websites to see where they lead; scam sites will often use low cost domains. In the case of this campaign, many of the sites are using domains that end in .top, .shop or .icu.

Keep in mind that official shops and affiliate programs are unlikely to reach out to you proactively to ask you to deposit money. And be careful with advertisements, as fake deals are incredibly easy to circulate around social media and we've seen all sorts of malicious ads used in a number of campaigns in recent years.

Finally, you want to make sure you have one of the best antivirus programs installed on your computer. Not only can they keep you safe from malware and viruses but many of them include features that will help protect you while browsing and shopping online like a hardened browser, or alerts that show up when you navigate to sites that have been reported as malicious, a firewall, or VPN.

Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.

More from Tom's Guide

• Millions of Dell laptops at risk of attack due to security chip flaw — update your PC right now
• Over 900,000 hit in massive healthcare data breach — names, addresses and Social Security numbers exposed online
• Google just fixed two high-severity Qualcomm bugs used by hackers in their attacks — update your Android phone right now