A TikTok prank but real fraud scheme of cybercriminals

Spread the love

A TikTok prank is going viral and popular on social media. But what is there in this TikTok prank that is gaining popularity? In this prank, people make calls to their friends using an automated answering machine to tell them that a large amount of money is about to be debited from their account.

Though there’s nothing unusual about this prank to grab attention, security experts warn that cybercriminals are actively employing this TikTok prank as a real fraud scheme to target their victims.

Known as ‘vishing’ a short form of voice phishing, according to Kaspersky security experts this fraud scheme is on a rise in past some months. Kaspersky researchers detected an increase in the number of vishing emails in June (almost 100,000 total) and collected approximately 350,000 vishing emails between March and June 2022.

Vishing is a fraudulent practice of convincing individuals to call cybercriminals and reveal personal information and bank details over the phone. Like most phishing schemes, it starts with an unusual e-mail from a large online store or a payment system.

For example, it could be a letter from a fake version of PayPal telling you that they have just received a request to withdraw a large amount of money from your account.

Fake notification from PayPal about a purchase for a large amount of money

Unlike regular phishing emails that ask the victim to follow a link to cancel the order, vishing emails ask the victim to urgently call the customer support number provided in the email.

Cybercriminals have intentionally chosen the vishing method, say Kaspersky experts because when people look at a phishing site, they have the time to think about their actions or notice signs that the page is not legitimate.

But when victims talk on the phone, they are usually distracted and find it more difficult to focus. Under these circumstances, attackers do everything they can to further throw them off balance: rushing them, intimidating them and demanding that they urgently provide their credit card details to cancel the supposed fraudulent transaction.

After gaining the victim’s bank account details, cybercriminals use the information to steal their money, leaving the victim with an empty wallet. Kaspersky experts highlight that in the last four months (from March to June 2022) they have detected almost 350,000 vishing emails, asking victims to call in and cancel a transaction.

Number of detected emails with vishing, March — June 2022

In June alone, the number of such emails increased, reaching nearly 100,000, leading Kaspersky researchers to predict that this trend is only gaining momentum and is likely to continue growing.

Curiously, TikTokers actively repeat one of the vishing schemes, with the only difference being that they do not send a fraudulent email in advance nor do they steal anything from their victims – their goal is a show, not money.

The call is conducted through an answering machine, whose voice is generated by an online translator. Most often, pranksters introduce themselves as a representative from the customer service department of a large online store, claiming they have just received an order from the victim for several thousand dollars and asking for their confirmation.

No matter how the victim replies, the next thing the answering machine says is, “Thank you, your order has been confirmed.” People think the answering machine misheard them and that the funds are going to be withdrawn from their account immediately, so they panic, scream and don’t realize that they are being pranked.

When people are convinced to disclose their personal data during a phone call rather than on a phishing page. They often don’t have the chance to consider that they are the target of a hoax – and a large number of TikTok videos with this prank are a prominent example of this.

“I often come across videos on TikTok of bloggers pranking other people by calling them and telling them that their account is about to be debited thousands of dollars. The victims believe it and go crazy over it. When you look at these videos on your phone you think, “How can anyone fall for such a thing?,” says Roman Dedenok, Security Expert – Kaspersky.

“But when people encounter scam calls in real life, they are often affected by multiple circumstances at the same time. Such a call can catch them off guard, while their head is full of other things and they can’t clearly assess who is on the other end of the call – a prankster, a fraudster or a real bank security specialist,” adds Dedenok.

Leave a Reply

Your email address will not be published. Required fields are marked *