A ‘Free Photoshop’ Scam on TikTok is Stealing People’s Data
A new scam on TikTok supports the adage: If it’s too good to be true, it probably is. Cybercriminals are using TikTok videos to promise free access to otherwise expensive software, including Adobe Photoshop. However, these are fronts to steal user data and take control of people’s systems.
As cybersecurity researcher Xavier Mertens outlines and Bitdefender reports, the “Free Photoshop” scam relies upon a ClickFix attack scenario.
As Microsoft wrote in August, ClickFix is a social engineering technique that has become more popular in recent years. Different campaigns across social media platforms target “thousands of enterprise and end-user devices globally every day.” ClickFix attacks can target users on Windows and macOS devices and “typically lead to information theft and data exfiltration.”
The general concept is to get users to click on something enticing, such as free Adobe Photoshop, and then get them to run “malicious commands on their devices.” The social engineering aspect of the approach takes advantage of a user’s “tendency to solve minor technical issues and other seemingly benign interactions, such as human verification and CAPTCHA checks.”
The attack aims to deceive users, who are lulled by a sense of familiarity with what they are doing, into ultimately running dangerous prompts on their machines. These attacks are also usually performed under the guise of an established brand or trusted authority.

In the case of the TikTok “Free Photoshop” scam, it tries to get users to execute a series of commands on Windows through PowerShell. The user believes they are gaining access to free Adobe Photoshop. They are actually installing “AuroStealer” on their machine, which will then scrape the computer to “harvest passwords, browser data, and other sensitive information,” according to Bitdefender.
In contrast to more typical phishing attempts, where malicious actors try to get the target to give them information, ClickFix instead attempts to get the user to install software on their machine that will then gain access to the desired private data. Per Microsoft’s research, ClickFix and similar attacks are now more popular among cybercriminals than phishing.
TikTok’s short-form content delivery system is a good candidate for a scam like this. The platform hosts and proliferates a lot of legitimate technical how-to and educational content, and is a common platform people use to find good deals. Adobe Photoshop is expensive, so it is little surprise that people are trying to find a way to gain access to the image editing app for free. As it turns out, trying to steal the software is a good way to set yourself up for being a victim of theft.
Users should generally never run any commands on their machines that they see on TikTok or other social media networks. There are a lot of scams out there.