Phishing Scams on TikTok
How fraudsters use TikTok's video format, creator impersonation, and DM links to deliver phishing attacks and recruit victims into investment fraud.
Part of: Phishing
Last reviewed: 1 June 2026
TikTok's rapid video format and algorithm-driven content discovery create a unique phishing environment. Scammers create videos impersonating well-known creators or financial influencers, use viral challenge formats as vehicles for credential harvesting, and DM users with links to lookalike login pages.
Younger users who grew up on TikTok may be more familiar with its interface but can be caught off guard by scams that look like native content — such as a video saying 'follow this link in my bio for a free gift card' that leads to a phishing form.
How this scam works on TikTok
A common TikTok phishing pattern is a video claiming to be from a popular creator announcing a giveaway, with instructions to visit a link in their bio. The link leads to a page asking for your TikTok login or personal details to 'verify eligibility.' Another variant is a duet or stitch impersonating a creator's style to appear authentic.
Investment scam content increasingly uses TikTok's format: short videos showing phone screens with growing crypto balances, account-making sounds, and calls to action to visit a platform link. The TikTok algorithm's preference for high-engagement content can amplify these videos before they are removed. Direct messages from TikTok accounts offering investment coaching or business partnerships are another vector.
Common red flags
- TikTok bio link that leads to a login page unrelated to the creator's stated purpose
- Giveaway video asking you to enter personal details or social login credentials to participate
- DM from a TikTok account offering investment coaching with a platform link
- Video using a popular creator's face and style but from a different account
- Investment video with no verifiable creator identity, only a link to a trading platform
How to protect yourself
- Enable TikTok's two-factor authentication in Settings > Security > Two-step verification
- Never enter TikTok or other credentials on pages reached from a TikTok bio link without verifying the URL
- Report suspicious accounts and videos using TikTok's in-app report function
- Do not follow trading platform links from TikTok videos — verify platforms independently
- Review which apps have access to your TikTok account in Settings > Apps and websites
How to report it
- Report the video or account inside TikTok using the three-dot menu > Report
- Report investment fraud to your national financial regulator
- File a cybercrime report with screenshots if personal or financial data was compromised
Frequently asked questions
Can I get my TikTok account back if it was phished?
TikTok has an account recovery process through its in-app Help Center and via support.tiktok.com. You can verify your identity via phone number or email. Enable two-step verification immediately after recovery to prevent repeat compromise.