Crypto Scammers Targeting TikTok Users Through a Deceptive Campaign Called “ClickTok.”

Crypto scammers are increasingly targeting a new platform: TikTok. According to a report by the cybersecurity firm CTM360, fraudsters are deploying “sophisticated tactics” to deceive victims. A new campaign called “ClickTok” blends phishing and malware, preying on unsuspecting users attempting to make purchases through TikTok Shop.

Fake ads on Meta, as well as AI-generated TikTok clips mimicking influencers, are used to draw people in. They are then directed to fraudulent domains that closely resemble legitimate URLs. “These domains serve two main purposes: hosting phishing pages designed to steal user credentials and distributing trojanized apps,” the report explains. More than 10,000 fake sites have been identified to date—and even though TikTok Shop is only available in 17 countries, victims are being targeted worldwide.

When a user interacts with a fraudulent storefront, they often encounter fake product listings—with “urgency tactics” deployed so shoppers make rash decisions, like timers counting down the minutes until a sale expires. From here, they are told to deposit crypto.  The products on offer are often heavily discounted, making deals seem too good to be true. Tether is a widely accepted payment method accepted by the scammers, according to the report.

“The core motive is fraudulent financial gain, exploiting the trust in online shopping, affiliate earnings, and the irreversibility of certain payment methods,” the researchers wrote. “Advance fee scams” are also common, which primarily target people involved in the TikTok Shop Affiliate Program. Here, victims are encouraged to “top up” bogus crypto wallets, shown fake earnings, and promised commissions that never arrive. CTM360 went on to warn that social engineering tactics are also being deployed, with victims approached on WhatsApp and Telegram by fraudsters masquerading as “TikTok affiliates.”

The report is a concerning development given TikTok’s users trend younger than other social networks, with the Pew Research Center finding that 18 to 34-year-olds—who may be more susceptible to scams—are “more likely” to use this social network. It’s also a sign that cybercriminals are beginning to diversify beyond executing scams on Facebook and X.