New TikTok Scam Targets User Accounts

TikTok users are currently the target of a new scam. Photo: Hans Lucas/AFP via Getty Images
November 11, 2025, 3:01 pm | Read time: 2 minutes

A new scam is currently circulating on TikTok, where criminals use fake pleas for help to obtain security codes and take over other people’s accounts. As reported by “Mimikama.org,” the perpetrators cleverly exploit the trust between friends, with an alarmingly high success rate.

Many TikTok users are familiar with the short messages in their inbox: harmless greetings, video links, or requests for likes. Scammers are now taking advantage of this behavior. They hijack real accounts and then send seemingly urgent pleas for help to their contacts, the start of a devious social engineering attack.

How the Scam Works

The scam usually begins with a simple message like “Hello, please, I need your help.” Next, the attackers claim they need to reactivate their supposedly locked TikTok account and require “trusted contacts” for this. Users are asked to forward a code that is allegedly sent to them for confirmation. In reality, this security code comes from their own account, and by sharing it, they give scammers full access to their profile.

Once the attackers have the code, they can change the password, permanently embed themselves in the account, and then use it to deceive more users.

Why the Scam Works

The approach is not based on technical vulnerabilities but on targeted human manipulation, known as social engineering. The perpetrators rely on trust, routine, and willingness to help. Since the message appears to come from a known contact, many users respond spontaneously and without suspicion. This is precisely what the scammers exploit to take over accounts in seconds.

How to Protect Your Account

No legitimate service, including TikTok, requests security codes via direct message. Users should ignore such messages and immediately report suspicious profiles. It is also advisable to regularly check the device overview in their account and remove any unknown access. Those who have already shared the code should promptly change their password and contact TikTok support.

Enable Two-Factor Authentication

Two-factor authentication provides additional protection. A password alone is no longer sufficient to log in; a one-time code from an authenticator app or via SMS is also required. This keeps the account secure even if scammers have already obtained the login data.

This article is a machine translation of the original German version of TECHBOOK and has been reviewed for accuracy and quality by a native speaker. For feedback, please contact us at info@techbook.de.
