Got an SMS to download TikTok Pro? Don't do it, it's a scam
Scammers are tricking users into downloading an app called TikTok Pro, which is TikTok's new version in India, using phishing attacks via SMS and WhatsApp messages.
The government recently banned 59 China-based apps in India for posing a threat to the country’s security. The list of the banned apps includes TikTok, which prior to the ban had amassed nearly 200 million users in India. The ban has led to an increase in the popularity of the app’s India-based alternative. It has also led to a rise in TikTok-based scams.
Scammers are using SMS phishing attacks for luring users into downloading an app called TikTok, which they claim is TikTok’s new version in India. As per a report by Gadgets Now, scammers are sending messages to innocent smartphone users in India via WhatsApp and SMS wherein they claim that TikTok is available in India as TikTok Pro.
“Enjoy Tiktok Videos and also make Create Videos again. Now TikTok is only Available in (TikTok pro) So Download from below,” the message reads which is followed by a link to download the TikTok Pro APK file.
Several Twitter users too have got similar messages on their smartphones.
Hi sir this is the link of TikTok pro which is Going to install by any browser in India so that people can Use their old tik tok account.. pic.twitter.com/mC8ngsFvgA— Eshwar🕉 (@EshwarAchu) July 4, 2020
Dear sir @hydcitypolice @CYBTRAFFIC @cpcybd— Purushotham gowd (@GowdPurushotham) July 4, 2020
Some of my friends got some notifications from online about tiktok pro app, in that there is an URL link once we click on that URL that message has been automatically forwarded to all of our phone contact. Kindly find the attachments. pic.twitter.com/nsrNh9tuOs
Once users download this, they see an app with an icon resembling the original TikTok app. The app then asks them for various permissions such as camera and mic among others. However, once these permissions are granted, the app doesn’t do anything. It just stays on the phone.
As it goes, the app isn’t available on the Google Play Store and it cannot be downloaded from anywhere else. This coupled with the fact that TikTok hasn’t launched any such app indicates that malicious actors are using this opportunity for tricking innocent TikTok users into downloading a malicious app.
It is worth noting that the report comes shortly after the French cyber security firm Evina said that 25 malicious apps, which had been downloaded 2.34 million times, on the Google Play Store stole Facebook credentials of Android users. You can check the entire list of apps here.