Rising Cryptocurrency Scams on TikTok Targeting Users Amid Surge in Deepfake and Phishing Attacks

TikTok users are increasingly falling prey to sophisticated cryptocurrency scams that exploit the platform’s popularity among younger audiences, cybersecurity experts warn. The scams employ a mix of phishing, malware, and advanced artificial intelligence (AI) deepfake technology to lure victims into fraudulent schemes, resulting in significant financial losses.

According to recent research, scammers are operating under an umbrella campaign often dubbed “FraudOnTok,” where they use more than 15,000 fake TikTok Shop domains designed to mimic the legitimate e-commerce platform offered by TikTok. These counterfeit sites host phishing landing pages that steal user credentials or distribute trojanized applications carrying malware such as SparkKitty, capable of harvesting sensitive data from Android and iOS devices.

Victims are typically enticed with offers of heavily discounted products displayed on these fake sites. To complete their purchases, users are asked to make payments in cryptocurrencies like Tether (USDT), exploiting the irreversible nature of crypto transactions so that scammers avoid detection or accountability. This tactic represents a malicious shift from traditional social media scams, as the fraudsters capitalize on TikTok’s growing e-commerce ecosystem.

Compounding the threat, AI-generated deepfake videos have been employed to mimic high-profile celebrities including Elon Musk, Mr. Beast, and Warren Buffet promoting fraudulent crypto exchanges. These videos convincingly endorse giveaways or investment opportunities, deceiving users into signing up on bogus platforms. Though the scams showcase phantom Bitcoin rewards, victims are required to first deposit real money to “verify” their accounts — funds which vanish once transferred.

The Better Business Bureau (BBB) highlights that many scams surface through direct messages on TikTok, with scammers posing as affiliates or trusted figures encouraging cryptocurrency investments. Younger TikTok users, particularly those aged 18 to 34, appear more vulnerable due to their familiarity and trust in influencer content and rapid consumption of trends.

How the Scams Operate

• Scam websites employ fake domains that closely resemble official TikTok URLs with extensions like .top, .shop, and .icu.
• Phishing pages trick users into entering login credentials or downloading trojanized apps embedded with malware.
• Payment requests in cryptocurrencies such as Tether facilitate irreversible transfers benefitting scammers.
• Deepfake videos featuring famous personalities endorse fraudulently advertised cryptocurrency platforms.
• Victims are induced to deposit funds to “unlock” promised Bitcoin, which is never actually credited.

Security Recommendations

Experts advise users to be highly skeptical of cryptocurrency investment offers on TikTok, especially those involving urgent calls to action or guaranteed returns. It is recommended to:

• Avoid clicking on suspicious links or downloading apps from unverified sources.
• Verify the authenticity of any cryptocurrency promotion by checking official company or influencer channels.
• Use robust security tools such as deepfake detection and scam protection suites like Norton 360.
• Never send cryptocurrency to unknown wallets or respond to unsolicited direct messages promising easy profits.

As TikTok continues to expand its marketplace and community, the surge in crypto-related scams underscores the need for increased awareness and stronger platform safeguards. The rapid innovation in AI-driven deception means users must remain vigilant against novel and evolving tactics that threaten their financial safety.