MiTM Phishing Targets TikTok Business Accounts
A new adversary-in-the-middle (MiTM) phishing campaign is targeting TikTok business accounts to bypass multi-factor authentication and steal credentials. Attackers use sophisticated proxy-based techniques to intercept login sessions in real time, allowing them to capture session cookies and gain account access. The campaign is particularly concerning due to its effectiveness against MFA-protected accounts. Businesses relying on TikTok for marketing or revenue are at increased risk. Experts recommend stronger phishing awareness, use of phishing-resistant authentication methods, and monitoring for unusual account activity.
If you thought multi-factor authentication (MFA) made you untouchable, think again. A new phishing campaign targeting TikTok business accounts is proving otherwise.
This isn’t your run-of-the-mill phishing email. Attackers are using adversary-in-the-middle (AiTM) techniques—essentially placing themselves between you and the legitimate login page. You log in as normal, blissfully unaware, while they quietly intercept everything.
Credentials? Captured. Session cookies? Also captured. MFA? Bypassed.
Why It’s Clever (and Annoying)
The attack works in real time, meaning even security-conscious users can be caught out. For businesses relying on TikTok for advertising or revenue, that’s a serious problem.
Once attackers gain access, they can hijack accounts, run fraudulent campaigns, or lock out legitimate users.
Staying Ahead
• Be wary of login links, even convincing ones
• Use phishing-resistant MFA (e.g. hardware keys)
• Monitor account activity closely
• Train staff on modern phishing tactics
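An added illustration (example code, not from the original post) of why the hardware-key recommendation above holds against the relay described earlier: a one-time code forwarded through the attacker's proxy is indistinguishable from one typed on the real site, whereas a WebAuthn assertion carries the browser-supplied origin and is rejected. The domains, challenge, code and per-credential key are all constructed placeholders, and HMAC stands in for the authenticator's asymmetric signature.

```python
import hashlib
import hmac
import json

# Constructed placeholders; none of these is a real TikTok or attacker domain.
LEGIT_ORIGIN = "https://business.example"        # the genuine login page
RP_ID = "business.example"                       # relying-party ID the server expects
PROXY_ORIGIN = "https://business-login.example"  # lookalike page served by the proxy
CRED_KEY = b"constructed-per-credential-secret"  # stands in for the key's private key

def verify_otp(submitted: str, expected: str) -> bool:
    # A one-time code says nothing about where it was typed, so a proxy that
    # forwards it unchanged to the real site is accepted like any other login.
    return hmac.compare_digest(submitted, expected)

def sign_assertion(page_origin: str, challenge: str) -> dict:
    # The browser, not the page, writes the origin into clientDataJSON; the
    # authenticator then signs authenticatorData || sha256(clientDataJSON).
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": page_origin},
        sort_keys=True)
    auth_data = hashlib.sha256(RP_ID.encode()).digest()  # rpIdHash
    to_sign = auth_data + hashlib.sha256(client_data.encode()).digest()
    sig = hmac.new(CRED_KEY, to_sign, hashlib.sha256).hexdigest()
    return {"clientDataJSON": client_data, "authenticatorData": auth_data, "signature": sig}

def verify_assertion(assertion: dict, challenge: str) -> bool:
    cd = json.loads(assertion["clientDataJSON"])
    if cd.get("type") != "webauthn.get" or cd.get("challenge") != challenge:
        return False
    if cd.get("origin") != LEGIT_ORIGIN:
        return False  # origin binding: a signature made on the proxy's page fails here
    if assertion["authenticatorData"] != hashlib.sha256(RP_ID.encode()).digest():
        return False
    to_sign = assertion["authenticatorData"] + hashlib.sha256(
        assertion["clientDataJSON"].encode()).digest()
    expected = hmac.new(CRED_KEY, to_sign, hashlib.sha256).hexdigest()
    return hmac.compare_digest(assertion["signature"], expected)

def relayed_otp_login() -> bool:
    # The user reads "492817" (constructed) from their app and types it into the
    # proxy page; the proxy forwards the same string to the real site.
    return verify_otp("492817", "492817")

def relayed_webauthn_login(page_origin: str) -> bool:
    # The proxy forwards the assertion unchanged too; only the origin differs.
    return verify_assertion(sign_assertion(page_origin, "constructed-challenge"), "constructed-challenge")
```

Running `relayed_webauthn_login(PROXY_ORIGIN)` returns False while the relayed code is accepted, which is the whole difference between MFA that a proxy can forward and MFA it cannot.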
Because in 2026, phishing isn’t just about dodgy spelling anymore.