TikTok Scams: How Popular Apps and Services Become New Havens for Scammers

As social media platforms become popular, scammers aren’t far behind. One of the more popular social media scams involving adult-dating has started to emerge on TikTok over the last six months.

Since March 2019, I’ve been tracking the activity of a number of scam accounts on the popular short-form video platform TikTok. The social media site’s user base took off after it merged with musical.ly in August 2018, topping 1 billion monthly active users (MAUs) earlier this year. 

Given TikTok’s meteoric rise in popularity, it comes as no surprise that scammers would take notice. So far, these scams appear to be in their infancy. There is no WikiHow entry for how to create TikTok scams...yet. However, it’s clear the scammers are already reaping the benefits of using the platform to accomplish one or more of the following:

1. Boosting likes and followers in order to raise the popularity of a profile.
2. Gaming the cost-per-action networks of adult dating websites that pay for qualified leads.
3. Taking advantage of cost-per-install networks, which offer monetary rewards to users who drive other users to install apps.

In this two-part series, we’ll explore three of the most common types of scam accounts I’ve been tracking, which involve one or more of the following categories:

• adult-dating;
• impersonation; and
• increasing followers/likes. 

Here, in part one, we discuss how scammers are using fake profiles to trick unsuspecting TikTok users to sign up for adult dating websites or pay for fraudulent “premium” Snapchat accounts. In part two, we explore the tactics involved in creating imposter accounts and how these are used to increase followers and clicks, while also discussing the oldest trick in the scammer’s playbook — offering free likes and followers. We informed TikTok and Snapchat of our findings. TikTok said it is in the process of removing the accounts we identified and actively working to identify and remove others. Snapchat directed us to a support article. 

We expect these scam activities to only increase as TikTok continues to dominate the Apple App Store marketplace, remaining at the top of the App Store Downloads page for multiple quarters, while also trailing behind only Facebook properties WhatsApp and Messenger in Overall Downloads on mobile platforms.

Adult Dating Scam Accounts

“Damn your girl so fine, but her breath is like woah.”

The first type of scam accounts I’ve observed on TikTok are those promoting adult dating. These profiles feature stolen videos from sources like Instagram and Snapchat, featuring women dancing, posing in bikinis, working out or just going about their normal day-to-day lives.

For example, we were able to identify one of the adult-themed TikTok accounts using a stolen video of a swimwear model.

These profiles appear under the “For You” page, which is a page curated by a TikTok algorithm based on views and likes, though the specifics of how the algorithm works is not known. Typically, TikTok users append the hashtags #foryoupage, #foryou and #fyp as a way to try to get featured on these pages, but that doesn’t appear to be a tactic used by these scam accounts.

While these accounts could use their TikTok profile biography to promote their adult-themed dating websites, the scammers primarily use these accounts to drive users to a separate Snapchat account, which they promote in their video captions. Examples of such captions include:

• “Waiting in my 18+ SnapChat: [username]”
• “Urge you follow me on SnapChat: [username]”
• “Maybe u come help me sleeping? Wait u in Snapchat: [username]”
• “I hope you to hold me a hard k.i.ss and… Go my Snapchat: [username]”
• “Would you come help me remove my clothes? Go Snapchat: [username]”
• “More n.u.d.e items in my Snapchat: [username]”

In some captions, certain words contain periods between the letters, e.g. “nude” is “n.u.d.e” and “kiss” is “k.i.ss” though it’s unclear if this is an active attempt to bypass keywords that TikTok might be searching for to remove these spam accounts.

In addition to the captions, the accounts contain a variety of hashtags, from the obvious — such as #stripdance, #stripped, #tweark [sic], #topsmodels, #18plus, #18plusonly and #18pluscontent — to the more benign and often regional in nature — such as #windycity, #massachusetts, #pittsburgh, #miamibeach, #nashville, #sf, #philadelphia.

Another interesting approach undertaken by these adult dating scam accounts is their use of original sounds. TikTok users are encouraged to make videos based on existing sounds. My current assumption is that the scammers are either using sounds attached to the stolen videos, thus requiring them to create an original sound, or using original sounds to prevent the discovery of their videos via any algorithms TikTok has in place when listed under a different sound.

Based on their comments on videos posted to these fake accounts, it seems many TikTok users believe the videos are actually posted by the women themselves. Some scam accounts may follow users, but otherwise they do not appear to engage with users in a more direct way.

Based on a sampling of adult dating scam accounts I’ve encountered since March 2019, on average each account would follow 299 users, would be followed by 650 users and receive an average of 1,744 likes across their videos.

The most successful adult dating scam account I’ve been tracking received over 34,000 likes across their videos and gained over 12,300 followers.

Directing Users to Snapchat 

Using Snapchat as a vehicle to promote spam from other services/platforms is a fascinating workaround. Because Snapchat has historically operated within a walled garden, it’s a unique way to stealthily create these adult dating accounts that are only accessible to those who know their usernames or Snapcodes.

If a TikTok user moves to Snapchat to add these adult-themed Snapchat accounts, they’ll be presented with a Snapchat Story that features videos, often of the same unidentified woman, either being sexually suggestive, displaying nudity or performing sexual acts on themselves with a sticker or an emoji covering the explicit part of the video.

The stories themselves also contain a link attachment that directs users to an external page hosted on Google Sites.

The Google Sites page is gated with an “age verification” question, asking the viewer if they are 18 years old or not. Regardless of which option the user selects, they will be redirected to what is referred to as a prelander, or intermediary, page, used by scammers who sign up for adult dating affiliate programs. The page poses a series of questions to the visitor, whose answers are not used whatsoever. It is merely part of the ruse.

Once the user completes the survey, they are redirected to the real adult dating site, which offers an affiliate program to drive traffic and sign-ups. These scammers use a cost-per-action (CPA) network that provides offers to affiliates in exchange for some sort of revenue share. For instance, the CPA network will likely take 20 percent off the top of the affiliate marketer’s payout, leaving the user with 80 percent to themselves.

The adult dating website used in one of the more recent TikTok adult dating scams is flirt.com. The CPA networks advertise flirt.com affiliate leads that could earn a scammer anywhere between $1 to $3 dollars for a qualified lead tied to a specific geographic region, a preferred age category (above 25, for example) or a new user account. However, if a single lead converts to become a paid user by adding a credit card to the account on the adult dating website, the scammer could potentially earn over $50.

Affiliate programs are great incentives for scammers to make a quick buck, and the overhead costs for creating fake accounts on apps like TikTok and Snapchat are very low, so the potential return on investment is huge.

Premium Snapchat Offer

In recent weeks, the scammers behind these accounts have begun pivoting away from affiliate programs, bypassing the need to convince a user to sign up for an adult dating website. Instead, they’re asking users to subscribe to a “premium” Snapchat account. The rise in popularity of legitimate Snapchat premium accounts is a real phenomenon in which people earn money by posting Not-Safe-For-Work (NSFW) Snaps from a more private account.

In the case of these scammers, they are offering their so-called “premium Snapchat” for $10. They ask the user to make the payment through PayPal and to take a screenshot. If users “swipe up” they’re redirected to a PayPal payment site to send the scammer the funds they’re requesting. I’ve seen a few variations of the premium Snapchat offer from these scam accounts, altering the requested payment from a minimum of $5 to a maximum of $20.

As you can imagine, the users who pay for the supposed “premium” Snapchat aren’t likely to get anything in return. Instead, the scammers move away from being a middle man, getting paid directly by their victims instead of through a CPA firm.

This concludes part one of our two-part series. In the next installment , we’ll explore the tactics used by impersonation accounts as well as those designed to take advantage of the TikTok users desire to obtain a large number of followers or likes on their videos.

Erfahren Sie mehr:

• See more from this author here
• Learn more about Tenable Research here
• Read additional blogs about social media scams: Sudan Meal Project: Social Media Is Used to Amass Nearly 900,000 Followers on Instagram and Instagram Porn Bots Evolve Methods for Adult Dating Spam