# TikTok Shop Password Warning Issued As ClickTok Hackers Strike
A growing threat has emerged on the social media platform TikTok, as security researchers have issued a warning about an ongoing hacking campaign known as FraudOnTok. This malicious campaign specifically targets fake TikTok Shop login pages to harvest account passwords, leaving users vulnerable to potential data breaches.
## The Scope of the Attack
So far, the FraudOnTok hackers have managed to establish over 10,000 fake sites and distribute more than 5,000 malicious apps across the platform. These scams are designed to deceive users into thinking they're interacting with the official TikTok Shop platform. The fake sites closely mimic the official interface, making it difficult for users to distinguish between genuine and fake platforms.
## How the Scam Works
The FraudOnTok hackers employ a "hybrid scam model" that combines both phishing and malware attacks specifically targeting the rapidly growing TikTok Shop customer base. According to security researchers, the scam begins with the impersonation of TikTok's commercial ecosystem, including TikTok Shop, TikTok Wholesale, and TikTok Mall.
## Spread of the Scam
The FraudOnTok campaign is spreading on a global scale, targeting users in over 17 countries where TikTok Shop is officially available. This includes major markets such as the U.S., U.K., Europe, and Asia. The hackers are using a combination of malicious QR codes and embedded download links to distribute their malware-laden apps.
## Warning Signs
Security experts have warned users about this scam campaign, emphasizing the importance of being cautious when interacting with unsolicited offers or requests for login credentials. Javvad Malik, lead security awareness advocate at KnowBe4, stated: "This particular attack shows how technical attacks are more often than not blended with social engineering tactics to exploit our trust in brands."
## Mitigation Measures
To protect themselves from this threat, users are advised to take the following precautions:
* Verify websites before entering login credentials * Be skeptical of offers that appear too good to be true * Use strong and unique passwords for all accounts * Enable two-factor authentication whenever possible * Regularly monitor account activity for suspicious behavior
## Conclusion
The FraudOnTok hacking campaign highlights the importance of online security awareness. As users continue to grow their presence on social media platforms, it's essential to remain vigilant about potential threats and take proactive measures to protect themselves from data breaches.
**Stay safe online by staying informed!**