Social media users especially Facebook should be careful when getting posts and tags of adult content with quite tempting titles like: "Ahhh, this girl is an idol on TikTok, make sure you are over 18 to watch it". It's a trap!
If clicked, (see picture 1), the link will take the accesser to the website that has been prepared.
But unfortunately, if the tantalizing content is clicked, then the viewer will be taken to a trap site that will display porn clips followed by a verification request to enter Facebook credentials because they will watch adult content.
Even though the request for credentials is an attempt to get Facebook account credentials from the victim.
If the victim enters credentials, then those credentials will be directly used to tag your Facebook friends .
Uniquely, this post will not be on the victim's wall, but his friends will get a notification of the tag. Most likely this is done so that the victim does not realize that they have shared pornographic content tags with their Facebook friends and so that this content is difficult to delete and can last a long time.
According to Vaccination's monitoring, as of the time this article was written, the pornographic content was still actively seeking new victims, especially on weekends.
Then, what is the real purpose of these scammers and how do they carry out their actions? Do you just want to embarrass the victim by tagging pornographic content so that they have to apologize and clarify that he wasn't the one who shared the content?
the?
This is an interesting development from scamming actions where there is a tendency for scams to steal credentials and more coordinated monetization, although not to the extent that Ransomware has implemented the RaaS Ransomware as a Services method where there is a clear division of tasks between ransomware creators and ransomware spreaders so that even if caught, the one who is caught is the ransomware spreader and not the ransomware maker because this ransomware maker does not distribute the ransomware and only focuses on creating and improving ransomware.
So, he will escape the law when the ransomware spreader is caught and the ransomware maker is just looking for other ransomware spreaders.
Judging from the development of this porn scam, it appears that this scammer has also been run more organized like ransomware where the coding on the credential stealing porn site that is prepared is relatively the same and only the site address changes where it is suspected that this different site address happened because it was done by different scammers but still using the same scam code.
What's interesting is, the monetization method that has many alternatives and options. Monetization of this scam will run automatically on the scammer's site that has been prepared.
And the monetization options are so diverse that the scammers just focus on the scamming action to find as many victims as possible. Vendors who are willing to pay pay per click from advertising or other profits derived from this activity share the results from this scamming action, everything has been prepared and will run automatically based on the region and the vendor who wants to advertise.
Some of the monetization actions of this Tiktok idol girl scamming action are as follows:
1. Benefit from application installation referrals on Play Store.
2. Get financial benefits from referrals to porn sites.
3. Trick the victim into playing games that will drain their credit.
4. Trick the victim into making calls to premium numbers abroad.
5. The fourth monetization effort that will be carried out is that the victim will be given the lure as if he has received a free iPhone sweepstakes and just needs to contact the lottery provider.
However, if this operator's number is contacted, it will be connected to a number overseas which when further investigated turns out to be a Premium Call number where the caller will pay the cost of calling the number.
This scamming action is against the law and we expect you to avoid doing this because it is an unlawful act for spreading pornographic content and stealing credentials or digital access.
For those of you who are victims and tagging your friends, immediately change your Facebook credentials and activate TFA Two Factor Authentication protection to protect your account from hijacking.