From deepfakes to bitcoin: The new wave of TikTok scams and how to dodge them

A woman sits at a table and looks at her phone, where she may encounter TikTok scams.

Norton researchers report on the latest TikTok scams targeting younger generations. Check out the latest tactics scammers are using, including deepfakes and bitcoin lures.

Have you ever heard the phrase "If it sounds too good to be true, it probably is?" In the world of TikTok, where quick trends and viral challenges reign supreme, there's a new scam that's catching many off guard. Let's dive into it.

The Alluring Promise

Imagine scrolling through TikTok and stumbling upon a video of your favorite celebrity promoting a cryptocurrency exchange. Well, you actually don’t need to imagine—these are screenshots of TikTok videos, featuring Elon Musk and Mr. Beast.

These examples show TikTok scams involving the image and likeness of celebrities.

They claim to be giving away a whopping $8,000 in Bitcoin. All you need to do is sign up and enter a promo code. Sounds simple, right? Here's the kicker: When you do sign up, that promised Bitcoin amount genuinely appears in your account.

There's a catch …

The Deceptive Catch

To withdraw that tantalizing $8,000, you're asked to deposit between $300 to $500 into “your” account, which is actually owned by them. And if you take the bait, that money vanishes into thin air. The fake sites pulling off these scams are short-lived, but like a game of whack-a-mole, they keep popping up with different names.

These images illustrate how the TikTok scams work and showing how money is stolen.

Interestingly, these scam sites seem to be using a limited number of templates. We've even noticed odd glitches, like being told an email account already exists on a platform we've never registered on before.

These images illustrate how the TikTok scams ask for registration to steal funds.

The Global Reach

While anyone can fall for these scams, younger generations dreaming of making it big in the crypto world seem especially vulnerable. And this isn't just a local issue; it's happening globally.

Cryptocurrency's universal appeal makes it a ripe target for scammers everywhere. So far most of the scams are in English, but we have witnessed attempts in other languages such as German.

TikTok scams are prevelent in several countries, and this example shows a scam discovered in German.

It is impossible to know the total number of victims, as we cannot know how many of the people that watch these videos go to the website, create an account, and enter their money to get the “free” bitcoins. We started blocking access to these websites and in the first couple of days we protected thousands of users that tried to access these sites. Most of them were from Europe (U.K., France, Italy, Spain, Poland, etc.) and the U.S., as well as from Brazil.

Beyond TikTok

While TikTok is the main stage for these scams, we've also spotted YouTube videos giving step-by-step guides on how to get involved. It's a multi-platform trap!

Here is an example where scammers are also using YouTube.

The Power (and Danger) of AI in Content Creation

In today's digital age, the line between reality and fabrication is becoming increasingly blurred, thanks to the advancements in Artificial Intelligence (AI). AI tools can now manipulate videos and audios with such precision that they can make anyone, even celebrities, say or do things they never did. This technology, often referred to as "deepfakes," can generate content that is almost indistinguishable from genuine videos and audios.

For scammers, this is a goldmine. They can create convincing endorsements from trusted figures without those figures ever being involved. And for the average viewer, especially when scrolling quickly through a feed or not paying full attention, these manipulations can be incredibly convincing. It underscores the importance of being skeptical and verifying information from multiple sources before taking any action.

In these scams, most videos follow the same pattern: a camera showing a computer screen of a celebrity X account (former Twitter) giving away a referral code to create an account in a crypto-exchange, as we have shown at the beginning of this article. However, some of them are more advanced, using real footage and AI to make a credible video clip to lure potential victims, something relatively easy to do nowadays thanks to the powerful AI tools available for anyone.

Protecting Yourself

  1. Skepticism is your best friend: Never trust giveaways, even if they appear to be endorsed by celebrities. Remember, videos can be manipulated.
  2. Report suspicious content: If you come across these scams, report them to the platform. We've flagged several on TikTok already, and every report helps protect others.
  3. Stay informed: Keep an eye on platforms like ours to stay updated on the latest scams and cybersecurity threats.
  4. Use tools such as Norton Genie to help spot scams.

The digital age brings countless opportunities, but it's crucial to tread with caution. Scammers are getting craftier, but with awareness and a healthy dose of skepticism, we can navigate the online world safely. And hey, if you've got examples or have spotted these scams yourself, share them with us. Let's keep our community informed and protected.

Special thanks to my colleague Jakub Vávra, who has been assisting me in this investigation.

Norton technology blocked 142 million threats a day.

Norton™ 360 brings real-time protection for your PCs, Macs, smartphones or tablets against ransomware, viruses, spyware, malware and other online threats.

Try Norton 360. Post, bank and shop from your device. We’ll keep it secure.

Luis Corrons
  • Luis Corrons
Luis Corrons is a Security Evangelist for Gen (Avast, AVG, Avira, Norton) & leads boards at AMTSO & MUTE. He is a prominent speaker at industry events.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.