The smishing scam is targeting TikTok app users and fans in India.
The Indian government recently blocked the Chinese video-sharing app TikTok, a decision that received mixed reviews from the general public. Naturally, people who want to use the famous app resort to different methods of accessing TikTok, and it seems like cybercriminals are all set to benefit from the situation.
Reportedly, Indian authorities issued a warning informing users about fake links promising to redirect to the ‘professional version’ of TikTok but, in reality, downloading malware on the device to steal sensitive data.
See: US Military Bans TikTok over privacy concerns
Unsuspecting Indian users are receiving these messages through SMS and WhatsApp. The messages generally contain similar content, followed by a URL link where the recipient can download the TikTok Pro APK file. One of the messages read:
“Enjoy Tiktok video and create creative videos once again. Now TikTok is only available in (TikTok Pro) then download from below.”
Once downloaded, the app shows a genuine TikTok app’s icon and asks for several permissions, including accessing the microphone, camera, and image gallery. After the user grants permission, the app stays on the phone and doesn’t do anything apart from sneakily stealing user ID and social media profile credentials.
Screenshot of messages on WhatsApp and SMS sent by scammers.
Here’s what the Maharashtra government had to say about the scam:
Citizens are re ..
Support the originator by clicking the read the rest link below.
