Online Fraudsters Exploiting TikTok Shop Customers through Cryptocurrency Schemes: Alert Issued
Global Scam Operation Targets TikTok Shop Users and Affiliates
A new large-scale scam operation, known as the ClickTok campaign, is preying on users and affiliates of TikTok Shop, according to a report by cybersecurity firm CTM360. The campaign uses over 15,000 fake TikTok Shop domains and targets users worldwide, even though TikTok Shop is available in only 17 countries.
The ClickTok campaign employs a hybrid attack approach, combining phishing and malware distribution tactics. The fraudulent storefronts, which closely resemble the official TikTok Shop interface, trick users into logging in and entering sensitive information, including cryptocurrency wallet credentials. These fake storefronts often feature fake product listings with urgency tactics like timers to pressure users into making quick decisions.
In addition to phishing, the campaign also distributes trojanized apps laden with spyware such as SparkKitty. These malicious apps infiltrate victims’ devices, capturing screenshots and photos (often containing wallet seed phrases), enabling remote surveillance, and stealing digital funds. The malicious apps can also target sellers’ devices and affiliate promoters to steal their credentials and take over accounts.
To increase trust and click rates, the scammers use AI-generated promotional videos and fake influencer ads. Victims are often lured to pay via cryptocurrency wallets on fake payment pages or to top up fraudulent in-app wallets, locking them into nonstandard and unrecoverable crypto flows.
The campaign targets TikTok Shop Affiliate Program participants globally. Victims are often approached on WhatsApp and Telegram by fraudsters posing as "TikTok affiliates" and offered heavily discounted products paid for with cryptocurrency. Victims are encouraged to "top up" bogus crypto wallets, shown fake earnings, and promised commissions that never arrive.
The scammers also deploy fake Meta ads and AI-generated TikTok videos mimicking influencers. They use social engineering tactics, such as advance-fee scams, to target participants in the TikTok Shop Affiliate Program.
The Pew Research Center found that 18- to 34-year-olds, who may be more susceptible to scams, are "more likely" to use TikTok. This demographic may need to be extra vigilant when using TikTok Shop to avoid falling victim to the ClickTok campaign.
The ClickTok campaign endangers shoppers, creators, and affiliate sellers, and it undermines trust in TikTok Shop’s platform. Users are advised to be cautious when making purchases on TikTok Shop and to use only official TikTok payment methods. Additionally, users should be wary of unsolicited messages offering deals that seem too good to be true.
- The ClickTok campaign deceives users into entering their cryptocurrency wallet credentials, putting digital funds at risk.
- The scammers behind the ClickTok operation distribute trojanized apps containing SparkKitty malware, capturing wallet seed phrases and enabling remote surveillance.
- Victims are encouraged to pay via crypto wallets on fake payment pages or top up fraudulent in-app wallets within the ClickTok scam.
- To lure participants in the TikTok Shop Affiliate Program, scammers use AI-generated TikTok videos and fake Meta ads, imitating influencers and employing social engineering tactics.
- Given the increasing use of TikTok among younger generations, particularly the 18- to 34-year-old demographic, users should be careful when making purchases on the TikTok Shop platform and avoid falling victim to scams like the ClickTok campaign.