
DigiBanker

Bringing you cutting-edge new technologies and disruptive financial innovations.


Cofense report reveals new phishing scam using TikTok URLs to target Microsoft 365 credentials

September 26, 2024 //  by Finnovate


Category: Members, Cybersecurity, Innovation Topics
Tag: Members

A new report from phishing defense company Cofense Inc. details a phishing scam that uses TikTok URLs to redirect users to malicious sites, in particular targeting Microsoft 365 credentials.

The campaign begins with an email that poses as an Office 365 alert from the user’s company information technology department and urges the user to follow a URL to cancel a request to delete emails in the inbox. Once users click the link containing the TikTok URL, they’re taken through various redirects before landing on the final phishing page, which somewhat resembles a legitimate Microsoft login page with the company’s logo.

For added legitimacy, the final page also auto-fills the user’s email address in an attempt to convince them they have been sent to a legitimate login site. The phishing page also includes a section telling users to follow a link or call a phone number for assistance if they have trouble signing in. Though the phone number is legitimate, the URL redirects back to the phishing page.

“This campaign highlights the increasing sophistication of threat actors who exploit social media platforms to deceive recipients,” said Brandon Cook and Brooke McLain from the Cofense Phishing Defense Center. “By exploiting TikTok’s popularity to potentially bypass suspicion and by impersonating a company’s IT department with false urgent messages, attackers exploit both user trust and fear of data loss.”