Is your TikTok hacked? Here are the telltale signs

Ray Fernandez

Jul 17, 20238 min read

Is your TikTok hacked? (Header image)

Are you having a hard time getting into your TikTok account? Has your password suddenly changed, or has someone posted videos without your permission or sent messages from your account? If you are experiencing these issues or other signs of suspicious activity, we’re sorry to break it to you, but someone may have hacked your TikTok account.

How can someone hack your TikTok account?

TikTok’s popularity has taken over giants like Twitter, Facebook, and Instagram. And with so many users and so much activity going on, cybercriminals and hackers just can’t resist.

That said, most users don’t realize that a lot of social media hacking is actually perpetrated by parents, close relatives, friends, or partners who use monitoring software that is effective and free to download online. Here are the five most popular ways TikTok accounts are breached.

1. Guessing the password

Despite global cybersecurity awareness efforts, many users still choose very weak passwords. And believe it or not, old-fashion password guessing is still a leading cause of unauthorized access to accounts.

Choosing basic passwords, matching your username with your password, or using something like your pet’s name, birthday, or phone number is always a bad idea. Any hacker or person trying to access your TikTok account can search for this information online and use it to gain access. You should always choose a strong password and back it up with multi-factor authentication (MFA).

2. Brute force attacks

Brute force attacks are executed by using a special kind of software that attempts to break into an account by trying out many different password combinations. 

You don’t need to be a sophisticated coder or a dark web specialist to run brute force attacks. Popular brute force software can be easily downloaded online. They are particularly effective when passwords are weak. Activate your 2-factor authentication (2FA) or multi-factor authentication (MFA) to have the best chance of stopping these types of attacks.

3. Spyware apps

As mentioned above, spyware, parental software, and monitoring apps are very popular despite the gray lines in which they work. Apps like eyeZy, FamiSafe, Qustodio, and Bark, to name just a few, have millions of downloads. They are used daily to keep track of users on social media, and their capabilities are impressive. 

While the companies developing these apps explain that the user needs to give their consent before spyware is installed on their device, the reality is that a lot of people have them installed without their knowledge. And not all of those who install these apps are concerned parents. 

Furthermore, we cant talk about spyware without talking about malware — spyware developed and used by cybercriminals. Cybercriminals target social media sites like TikTok for many reasons, such as to gain access to other accounts, financial data theft, extortion, etc. The best way to protect yourself from spyware is to be informed and updated, and to regularly run a trusted antimalware program on your devices.

4. Social engineering

Social engineering is the art of mastering human nature and human behavior, and cybercriminals are experts in these techniques. It is their top entry point into any system. In social engineering, criminals will impersonate official authorities, trustworthy organizations, and known companies. They may contact you through email or through TikTok itself, direct you unknowingly to a malicious site or link, or even call you on the phone.

Social engineering is one of black hat hackers’ favorite moves. They will develop complex cons to trick you into giving out your credentials, filling out forms that give them access, clicking or downloading malware, and forwarding your phone activity. What can you do to avoid this? Stay away from suspicious messages, and report, block, and delete them.

5. Malware

Malware comes in all shapes and sizes. All it takes is for you to click on the wrong link, download an app you shouldn’t have downloaded, or open a malicious email attachment, and your device can be compromised.

Many mobile users browse through TikTok with the confidence that hacking surely won’t happen to them. The truth is that attacks happen every day by the thousands. The best protection against malware is prevention. Download a good antimalware and antivirus program from a trusted vendor and run regular scans on your computer, mobile, or tablet.

Yes, you absolutely can get hacked by clicking on a malicious link on TikTok. This is, as mentioned, a very popular way for a hacker to access your account. Cybercriminals create links that look very official and direct you to sites that can also look legitimate. Once on these sites, you may be prompted to take some seemingly harmless action, like activating fake Javascript or updating a known software. Consequently, malware will run automatically, grabbing your credentials or installing an unwanted program.

Hackers will also impersonate TikTok teams and send you links that direct you to sites that look like TikTok. They might ask you to log in to your account, presenting an excuse like a security breach. The best way to prevent falling for this scam is to NEVER click on suspicious links. Also, check URLs and website addresses very carefully. They might look like the real thing with just one or two characters off.

How to tell if your TikTok has been hacked

When using TikTok, there are a few clear signs of hacking that you should watch out for. If you experience any of the following, the chances that your account has been hacked are very high.

1. Your password or phone number has been changed

Nothing says “breached account” like a password that no longer works or a phone number that’s been mysteriously changed. In both cases, you should take immediate action.

The first thing a hacker will do when they illegally gain access to your account is to go after your password and change basic security settings like your phone number. TikTok verifies its accounts through email or phone number, which is why these settings are the first things they change.

2. Videos have been deleted or posted without your permission

If you are wondering why someone would delete your videos and post new ones, the answer is simple. One of the reasons why criminals take control of TikTok accounts is to use them to spread spam or run malware campaigns. 

Hackers will break into several accounts and send millions of messages and post thousands of videos. And, while they’re at it, they might delete some of your content. If this has happened to you, read the section below to learn what you should do next.

3. Your account has been locked

When a user enters an incorrect password too many times, engages in behavior that TikTok considers a breach of its guidelines, or uses an account to share spam, the company will lock the account. 

In other words, if you wake up one morning to find that your email inbox is filled with messages from TikTok warning you about login attempts and you later try to access your account only to find that it’s locked, it probably means you were hacked in your sleep.

4. You were automatically logged out of your account

When another user tries to remove an active device from the app settings in your account, you will be automatically logged out. Removing devices from an account is a security feature that you can use to help you stay safe, but hackers also use the feature to lock you out if they gain control of your account. If this happens to you, do not wait. Take immediate action.

What to do if you think your TikTok account is compromised

Here’s what you should do if you want to get your hacked TikTok account back. Take action immediately by doing the following in order. First, reset your password. Second, link your phone number to your account. Third, remove any unauthorized devices and turn on 2FA. 

How to reset your password on TikTok

To reset your password in TikTok:

  1. Tap Profile in the bottom right.
  2. Select the 3-line icon in the top right.
  3. Go to Settings and Privacy.
  4. Tap Manage account.
  5. Select Password.
  6. Change your password.

Remember, when creating a new password, make sure it is strong and original. The ideal password should be at least 12 characters long. Mix things up using uppercase and lowercase letters, symbols, and numbers. And don’t forget to change your password often.

To link your phone number to your TikTok account:

  1. Go to your Profile in the bottom right.
  2. Tap the 3-line icon in the top right.
  3. Select Settings and Privacy.
  4. Tap Manage account.
  5. Select Phone number.
  6. Link your phone number.

How to remove unauthorized devices from TikTok

When someone hacks into your account, TikTok will identify and register the device or devices that were used to breach it. You’ll need to remove it from the authorized device lists in your TikTok account.

To remove suspicious devices from your account:

  1. Tap Profile in the bottom right.
  2. Select the 3-line icon in the top right.
  3. Go to Settings and Privacy.
  4. Find Security.
  5. Select Your devices.
  6. Remove unwanted or suspicious devices using the Trash icon.

How to turn on 2-factor authentication on TikTok

Many people only use one security layer to access their social media. This means they only use their password. You can add an extra security layer. You need to activate 2-factor authentication, which TikTok calls 2-step verification (2SV). Once it is active, even if someone gets your password right, they still need access to your email or phone to verify that it is you.

To turn on 2-step verification in TikTok:

  1. Check that you have downloaded the latest version of TikTok.
  2. Tap Profile in the bottom right.
  3. Select the 3-line icon in the top right.
  4. Go to Settings and Privacy.
  5. Select Security.
  6. Tap 2-step verification and choose at least two verification methods. TikTok recommends SMS and email.
  7. Select Turn on to confirm.
  8. If you have not previously entered your contact information, you’ll be prompted to enter an email address and phone number.
  9. Tap Send code and on the next screen, enter the verification code sent to you via SMS and email.

It’s also important that you report any suspicious activity. On TikTok’s Official Support page, you can report different kinds of problems.

How to recover a hacked TikTok that has been banned or locked

If your hacked account was banned or locked and you cannot recover it through normal methods, you can appeal to TikTok. You can only do this if you’ve received a notification from them when your account was banned. To appeal, open the notification, click on Appeal, and follow the instructions. 

If all of the above fails, you still have one more card up your sleeve. It’s a long shot, but it just might work if you have the patience. You can contact TikTok through their Feedback form, explaining your ordeal in detail, and wait to hear back from them.

TikTok is expected to continue expanding as one of the most popular social media platforms in the world. Although it is loved by the younger generations, the app still has its share of security weaknesses, like any app. However, if you take appropriate steps to keep your account safe, the risk of being hacked drops dramatically. 

Ray Fernandez Ray Fernandez
Ray has been covering tech and cybersecurity for over 15 years. His work has appeared on TechRepublic, VentureBeat, Forbes, Entrepreneur, and the Microsoft Blog, among others.