The smishing scam is targeting TikTok app users and fans in India.
The Indian government recently blocked the Chinese video-sharing app TikTok, a decision that received mixed reviews from the general public. Naturally, people who want to use the famous app resort to different methods of accessing TikTok, and it seems like cybercriminals are all set to benefit from the situation.
Reportedly, Indian authorities issued a warning informing users about fake links promising to redirect to the ‘professional version’ of TikTok but, in reality, downloading malware on the device to steal sensitive data.
Unsuspecting Indian users are receiving these messages through SMS and WhatsApp. The messages generally contain similar content, followed by a URL link where the recipient can download the TikTok Pro APK file. One of the messages read:
“Enjoy Tiktok video and create creative videos once again. Now TikTok is only available in (TikTok Pro) then download from below.”
Once downloaded, the app shows a genuine TikTok app’s icon and asks for several permissions, including accessing the microphone, camera, and image gallery. After the user grants permission, the app stays on the phone and doesn’t do anything apart from sneakily stealing user ID and social media profile credentials.
Here’s what the Maharashtra government had to say about the scam:
— Maharashtra Cyber (@MahaCyber1) July 8, 2020
Lookout’s security intelligence director Christoph Hebeisen stated that when governments take such drastic decisions to block “legitimate, popular channels to acquire a popular app,” malicious actors are bound to trap innocent users.
Since the Indian government blocked access to TikTok both on Google Play and the App Store, users turn to illegal ways of accessing the app and end up downloading infected versions of the app. The situation is unavoidable because no official channel is available from where Indians can use the app, said Hebeisen.