Cybercriminals are targeting online shopping. In a world where phishing scams are common, TikTok and Facebook shoppers have fallen victim to a crypto scam. According to a recent report by security researchers at CTM360, a massive cyber-fraud operation has been targeting online shoppers through more than 10,000 fake TikTok Shop and Facebook storefronts.
Named ‘ClickTok’ or ‘FraudOnTok,’ campaigns use AI-generated content and viral ads to get the attention of the shoppers and make them click on fraudulent links, download malware, and hand over cryptocurrencies.
With these scams spreading across multiple social platforms, experts warn that this could be one of the biggest phishing scams of this year.
According to reports by security researchers at CTM360, these fraudsters create realistic and convincing replicas of official TikTok Shop pages to initiate the phishing attacks. These attacks are not restricted to TikTok but have also spread to Facebook.
Cybercriminals create replicas of authentic store pages and offer lucrative discounts to attract buyers. The research revealed that TikTok Wholesale and mall-branded pages contain approximately 15,000 fake URLs.
Through massive discounts, these pages trigger impulsive purchases, and clicking on these links makes people the victims of the TikTok scam. The experts revealed that these scams are two-fold: these links, on one hand, take people to the phishing websites. Once they are there, the threat actors demand crypto from users.
The reports also reveal that these malicious apps hide SparkKitty spyware that's capable of stealing passwords and wallet keys, taking screenshots, and even giving the attackers control of the hacked device. This malware works equally well for both Android and iOS users, making both vulnerable to these scams.
The notable part is that crypto exchanges are non-refundable. Therefore, there’s little chance for the victims to get back what they lost to the scammers.
Also Read: A Scam or an Inside Job? How CoinDCX Lost $44M in Crypto
This crypto scam is not the first malware attack that TikTok and Facebook users have been going through. It has a long history of cyberattacks. The most recent ones include the 2024 ‘ERIAKOS’ phishing attack. This cyberattack was launched through more than 600 fake online stores, baiting victims using unrealistic discounts on electronics and luxury goods.
Another similar scam exploited celebrity images, such as those of Elon Musk, Zendaya, and Cristiano Ronaldo, and promoted fake crypto exchanges that store users’ personal information and sensitive data through PowerShell scripts.
Regardless of the year, the social media scam pattern remains consistent: it imitates the layout of a trusted platform, exploits impulse buying psychology, and delivers malware that gathers users' information, including passwords and other sensitive data, during shopping or payment.
ClickTok, once again, highlights how the convenience of social media shopping can become equally dangerous. The integrated payment system, social media promotions, and other online features can turn into a goldmine for scammers. Notably, these scams target particularly younger users, who often fall for the urgency tactics.
While these are increasing every day, without stronger advertiser verification, better detection of domains, and tighter controls over integrated shopping features, these cyberattacks are impossible to stop. Until then, shoppers need to be cautious because, often in the social media world, lucrative discounts are traps for something extremely harmful.