Cybercriminals have recently deployed a new set of phishing pages designed to target TikTok for Business accounts by using TikTok- or Google-themed content.
Push Security said it had identified a new wave of an Adversary-in-the-Middle (AiTM) phishing pages registered on March 24 within a nine-second window.
The cluster of pages were all hosted behind Cloudflare with the same registrar, Nicenic Int...
The strongest version of this narrative highlights a sophisticated evolution in phishing tactics, where attackers exploit the intersection of social media and enterprise tools. The use of AiTM techniques, legitimate infrastructure (Google Cloud Storage), and anti-bot measures (Cloudflare Turnstile) demonstrates a high level of operational security. The focus on TikTok is strategically sound, given its dual role as a marketing platform and a vector for malware distribution. The potential for casc...