Cybercriminals are getting smarter, and TikTok users are their latest target. Researchers from Trend Micro have uncovered a disturbing new social engineering campaign that uses AI-generated videos to trick unsuspecting users into downloading dangerous malware.\n\nThe scam operates by promising free software like Windows and Microsoft Office, or premium access to popular apps like CapCut and Spotify. These deceptive videos instruct viewers to execute seemingly harmless PowerShell commands, which actually inject malicious software like Vidar and StealC into their systems.\n\nWhat makes this campaign particularly insidious is its delivery method. Unlike traditional malware attacks, these videos exploit human trust by verbally guiding users through what appear to be legitimate software activation steps. The AI-generated content cleverly circumvents typical cybersecurity detection mechanisms, making the scam incredibly difficult to trace.\n\nSome of these fraudulent videos have racked up hundreds of thousands of views, indicating the widespread nature of this threat. Cybersecurity experts warn that users should be extremely cautious about following any instructions found on social media platforms, especially those promising free software or quick fixes.\n\nTikTok has responded by deactivating the accounts associated with this campaign and directing users to their Safety Center for more information about avoiding phishing attempts. However, the incident underscores the growing sophistication of online scams that specifically target younger, tech-savvy audiences.\n\nProtecting yourself requires vigilance. Always verify software sources, avoid executing random commands from social media, and maintain updated cybersecurity software. In the digital age, if something seems too good to be true online, it probably is.