
Scams targeting your small business on TikTok



Small business owners are often on the lookout for new ways to connect with the market.

TikTok, with its 1 billion active users and its TikTok for Business platform, has become popular with businesses wanting to reach a younger demographic.

However, as the platform grows, so does the number of scams targeting Australian businesses.

What are TikTok scams?

Most TikTok scams that target small businesses involve “phishing”.

Phishing is like someone trying to trick you into giving away your office keys by pretending to be your locksmith.

On TikTok, scammers often do this by sending fake emails or messages that look official. Or they might impersonate a celebrity or offer prizes or more followers.

When you click the link in the message, it takes you to a fake website that looks just like a real one.

If you enter your username and password there, the scammer uses that information to access your account, and you and your business are at risk of financial loss, identity theft or extortion.

Common TikTok tactics used by scammers

Emails or messages from ‘TikTok Employees’:

These emails and messages can look real. But legitimate TikTok representatives will never ask for your password via email or message.

Never click on unknown links or open attachments from unverified sources. Check the URL and email address for any minor but suspicious changes. Authentic TikTok emails should end with ‘’.

Fake celebrity and official accounts:

Scammers often impersonate celebrities to trick users into handing over information. They have clever techniques to access your credentials, like asking you to log in, fill out forms or download malware. Check out the celebrity’s official website and look for the blue tick verification badge on their profile.

TikTok Marketplace:

TikTok Marketplace has grown fast. Be cautious of fake products and services and read the comments and reviews. Only buy from verified and reputable sellers with a blue tick. Make sure the blue verified checkmark is next to the username. If it is somewhere else (such as the bio), it’s not a verified account.


Malware is bad computer software that compromises your account. Your account can be infected by clicking on unknown links or opening attachments from unverified sources.

Free offers and prizes:

Beware of accounts promising easy money or fake giveaways.
Does it sound too good to be true? That’s because it is. No one is really giving away money, dream holidays or campervans.

Scam apps:

Exciting new apps offered by unverified accounts can be tempting, but they’re often just a trap.

Protect your business TikTok account

Be TikTok scam aware:

As TikTok continues to grow, so does the importance of being vigilant against scams. Educating yourself and your team, using strong security measures and staying aware of the latest scam tactics are the best ways to keep your small business safe.

Use passphrases and password managers:

Use strong and unique passphrases for your account and consider using a password manager for additional security. Hackers have sophisticated programs to work out passwords, but old-fashioned guessing is still a common way hackers access accounts. That’s why using your pet’s name, your birthday or nickname is never a good idea.

Activate multi-factor authentication (MFA):

Enable MFA for an extra layer of security. It helps protect your account even if your password is compromised.

Check for the blue tick:

A verified badge is the blue check mark symbol that appears next to a TikTok account’s username in search results and on the profile. If an account doesn’t have the blue tick next to the username but displays it somewhere else on the profile (such as the bio), it’s not a verified account.

Monitor your devices:

Regularly check which devices have access to your TikTok account. Remove any unfamiliar devices immediately.

Check for malware:

Run antivirus software to detect any suspicious programs (malware) on your computer.

Stay alert to security notifications:

TikTok’s team monitors for suspicious activity. Regularly check your security alerts for any unrecognised activity.

How do I know if my TikTok Business account has been hacked?

If you notice any of these suspicious behaviours, your account may have been hacked:

What do I do if my TikTok Business account has been hacked?

Change your password:

If you suspect any unauthorised activity, change your password immediately to something strong and unique. Use passphrases and a password manager for best security.

Enable MFA:

Adding this extra layer of security can significantly protect your account from unauthorised access.

Link your phone number:

Go to your profile “settings and privacy” tab to link your phone number.

Remove suspicious devices:

Check which devices have access to your account and remove any you don’t recognise.

With Cyber Wardens, you can keep your digital floors clean and free of cyber criminals fishing.
