KakaFlow KB

Bảo Vệ Tài Khoản TikTok Shop Khỏi Chiếm Đoạt (Account Takeover - ATO)

12 phút đọc

Bảo Vệ Tài Khoản TikTok Shop Khỏi Chiếm Đoạt (Account Takeover - ATO)

Trust: ★★★☆☆ (0.90) · 0 validations · factual

Published: 2025-06-18 · Source: crawler_authoritative

Tình huống

Người bán TikTok Shop cần hiểu rõ về các hình thức chiếm đoạt tài khoản (Account Takeover - ATO) do tác nhân xấu thực hiện, bao gồm mất quyền truy cập tài khoản, mất tiền trong số dư TikTok Shop, hoặc bị chuyển tiền sang tài khoản ngân hàng khác. Các trường hợp này xảy ra khi người bán vô tình chia sẻ thông tin đăng nhập với bên thứ ba đáng ngờ.

Insight

Chiếm đoạt tài khoản (Account Takeover) xảy ra khi tác nhân xấu có quyền truy cập trái phép vào tài khoản TikTok Shop. Hậu quả bao gồm: (1) Mất quyền truy cập tài khoản TikTok Shop - không thể đăng nhập quản lý đơn hàng và số dư; (2) Tổn thất tài chính nếu tác nhân xấu kiểm soát số dư hoặc thông tin ngân hàng và chuyển tiền sang tài khoản khác. Các chiêu trò phổ biến: Mạo danh nhân viên TikTok, quản lý tài khoản, nhân viên công ty Vận chuyển hoặc nhà cung cấp dịch vụ thứ ba; giả làm người mua quan tâm đặt đơn lớn. Liên hệ qua WhatsApp, Telegram, Messenger hoặc Tin nhắn trực tiếp của TikTok Shop để lấy thông tin nhạy cảm. Các thủ đoạn cụ thể: Yêu cầu thông tin tài khoản để hỗ trợ dịch vụ, xử lý Vi phạm; hứa hẹn giải thưởng hoặc xổ số; yêu cầu thông tin ngân hàng/thẻ để giải quyết vấn đề giao hàng; mời điền form online với chi tiết tài khoản để xác minh; yêu cầu cài đặt ứng dụng hoặc file APK không có trên cửa hàng chính thức; gửi link hoặc file đính kèm lạ để click. TikTok Shop KHÔNG BAO GIỜ yêu cầu người dùng cung cấp mật khẩu, OTP, PIN hoặc thông tin đăng nhập. Hệ thống phân quyền người dùng TikTok Shop bao gồm: Main Administrator (toàn quyền trừ quản lý tài khoản phụ), Tiếp thị liên kết Manager, Finance Specialist, Advertising Manager, Marketing Specialist, Customer Service Agents, Order Fulfilment Specialist, và Product Management Specialist.

Hành động

Các biện pháp phòng ngừa ATO: (1) GIỮ THÔNG TIN ĐĂNG NHẬP BÍ MẬT: Không chia sẻ username, mật khẩu, OTP, PIN với bất kỳ ai - kể cả nhân viên TikTok Shop. (2) SỬ DỤNG MẬT KHẨU AN TOÀN: Độ dài tối thiểu 8 ký tự kết hợp chữ hoa, chữ thường, số và ký hiệu đặc biệt (ví dụ: aR@1nY6#y); không dùng chuỗi sequential (abcd, 3456, qwerty); không dùng ngày/tháng sinh; mỗi tài khoản cần mật khẩu riêng biệt; sử dụng sub-account để kiểm soát quyền truy cập nhân viên. (3) KÍCH HOẠT 2-STEP VERIFICATION (2SV): Đăng nhập Seller Center > My Account > Seller Profile > Account Information > Account Security > Two-step verification; chọn phương thức xác minh ưa thích; sử dụng authenticator app tạo mã ngẫu nhiên - đảm bảo app được cài đặt trên thiết bị bảo mật chỉ mình bạn truy cập. (4) BỎ QUA LINK VÀ FILE ĐÁNG NGỜ: Không click link dẫn đến trang phishing; không điền thông tin trên form online; không tải file từ nguồn không xác định. (5) CẨN TRỌNG VỚI BÊN THỨ BA: Không tin các bên hứa dịch vụ hoặc giải thưởng đổi lấy thông tin tài khoản. (6) QUẢN LÝ QUYỀN ADMIN: Chỉ mời thành viên công ty; yêu cầu mỗi người có tài khoản riêng; đi đến My Account > User Management > Add User để thêm người dùng với vai trò cụ thể. NẾU TÀI KHOẢN BỊ XÂM PHẠM: Liên hệ Customer Service ngay; tài khoản sẽ bị đóng băng tạm thời để ngăn chặn truy cập tiếp; cung cấp giấy tờ xác minh quyền sở hữu; sau khi xác minh và điều tra, sẽ được thông báo các bước tiếp theo để lấy lại quyền truy cập.

Điều kiện áp dụng

Hướng dẫn áp dụng cho tất cả người bán TikTok Shop. Đặc biệt quan trọng khi người bán nhận được liên hệ từ các bên tự xưng là nhân viên TikTok, đối tác Vận chuyển, hoặc qua các nền tảng nhắn tin như WhatsApp, Telegram, Messenger.

Nội dung gốc (Original)

Protecting your Account from Account Takeovers (ATO)06/18/2025Account ManagementWhat is an Account Takeover? An Account Takeover happens when a bad actor gets unauthorised account access to a TikTok Shop Account. An Account Takeover scam can result in: Loss of access to your TikTok Shop account. This means you will not be able to log in to manage your TikTok Shop, orders, and account balance. Possible monetary loss should a bad actor gain control of your TikTok Shop Account Balance or bank account details. This includes transferring your TikTok Shop account balance to other bank accounts. How Do Bad Actors Take Over Accounts? The main tactic bad actors use in Account Takeover scams is to impersonate a trusted individual, such as a TikTok employee, account manager, shipping company employee, or third-party service provider, to contact TikTok Shop sellers. Alternatively, fraudsters may also pose as interested buyers who wish to make large orders from your shop.These bad actors reach out to you though online messaging platforms such as WhatsApp, Telegram, Messenger or our TikTok Shop Buyer Direct Message feature in order to retrieve sensitive information such as your log-in details or credentials. 🚩 Some common tactics bad actors use to retrieve your information are: Asking for your account details so that they can help you with account services, problems, or violationsAsking for your account details in exchange for prizes or entry into lucky drawsAsking for your banking or credit/debit card details to settle delivery/logistics problems with parcel deliveryAsking you to fill up an online form with your account details for account verification purposesAsking you to install/download apps or APK files that are not found in official app storesAsking you to click on links or download attachments sent via chat messages Once gathering the necessary details, bad actors can access and takeover your TikTok Shop accountHow can I Prevent Account Takeovers? You are encouraged to take the following steps to keep your account secure from Account Takeovers: Keep your login information confidentialUse secure passwordsActivate 2-Step Verification (2SV)Ignore suspicious links and filesBeware of Third Parties Offering Shop Services or PrizesManage your Shop’s Administrative and User PermissionsKeep Login Information Confidential Do not share sensitive account details like usernames, passwords, One-Time-Passwords (OTPs), PINs, or credentials with anyone. Remember, TikTok Shop will never request such information from users. Even if someone claims to be a TikTok Shop employee, do not disclose your login details or credentials.Use Secure Passwords Passwords are the key to your Shop Account. As the first defence against unauthorised access, passwords should be unique and known only to you. Below are some best practices for creating a strong password:Do not use sequential numbers or letters in your password. For example, do not use abcd, 3456, qwerty, jhgf, etc.Do not include or use your birth year or birth month/day in your password. Remember that unauthorized individuals can easily find this information through public social media accounts.Use a combination of at least eight letters, numbers, and symbols. The longer your password and the more character variety it uses, the harder it is to guess. For example, aR@1nY6#y (a rainy day) uses a unique combination of upper and lowercase letters, numbers, and symbols, while still being easy to remember. Do not reuse your passwords. Every device, application, website, and software requires a unique and strong password or PIN. Reusing your passwords puts you at a higher risk of related accounts being compromised at the same time. Never share passwords. This includes with colleagues, friends, and family. Sellers can assign sub-accounts to their employees to control how much access each person has to the main Shop Account. Beware of phishing emails, texts or calls. If you are unsure of the identity of the person sending you the email, text, or call, do not respond to or provide any personal information. Phishing is a fraudulent practice of inducing individuals to reveal personal information, such as passwords and credit card numbers.Activate 2-Step Verification (2SV) TikTok Shop offers the ability to secure your account with two-step verification (2SV), so additional verification is required each time you log in. To enable two-step verification:log in to your TikTok Shop Seller CenterGo to My Account > Seller Profile > Account Information > Account SecurityChoose your preferred verification method under the ‘Two-step verification’ section.Note: Authenticator apps generate a random numeric code. When 2SV with the authenticator app is enabled, this code would be required as a second login step, in addition to your username and password. This means that even bad actors with your username and password will not be able to log into your account without the authenticator code. Please ensure that your authentication app is installed on a secured device that only you can access. Ignore Suspicious Links and Files Do not click on any links or download files as suspicious links could direct you to phishing sites that attempt to obtain your login details, while suspicious files may install malicious software on your device.Never provide your TikTok Shop account information, such as username, password, OTP, or PIN, on online forms or websites.Do not download any files or attachments sent by unknown sources, external parties, or unverified senders.If you have any questions, reach out to our Customer Service for clarification and to verify the sender’s authenticity.Beware of Third Parties Offering Shop Services or Prizes Be cautious of third parties who promise account services or prizes in exchange for your TikTok Shop Account details. Remember, your login details and credentials should never be shared and should only be known to the owner of the TikTok Shop account.Manage your Shop’s Administrative and User Permissions Managing administrative access to your account is important because it has full control over your various permissions on TikTok Shop. You can manage your shop’s user permissions and assign roles to related accounts (i.e. sub-accounts). The main account with administrative access will have permission on all seller settings, while sub-accounts can be limited to lesser permissions. To add new users or a sub-account to your shop, you can go to My Account > User Management > Add User Sellers can also assign specific roles to the newly added user such as: Main Administrator: Main administrators can edit and view any module, such as products, orders, finance and marketing, except manage sub-accounts and sensitive store information. Affiliate Manager: Affiliate managers can view and create different affiliate plans, contact creators, and view affiliate performance data. Finance Specialist: Finance specialists have access to the financial module, and can view bill details and export bills. Advertising Manager: Advertising managers can access the advertising options in the Seller Center and the TikTok for Business advertising platform. They can also create advertising plans and view advertising data. Marketing Specialist: Marketing specialists can view and edit all pages in the marketing module and can also create, change and end promotional campaigns. Customer Service Agents: Customer service specialists can view and use the TikTok Shop messenger service, reply to consumers’ inquiries, and provide after-sales services. Order Fulfilment Specialist: Order specialists have access to the order management page, and can arrange deliveries, check logistics, and handle returns and refunds. Product Management Specialist: Product specialists have access to the product management page, and can activate, manage and delist products. Note: it is important that you carefully choose who gets admin access to your TikTok ShopOnly invite members of your own company. Require every member to have an individual user account, and do not share your password with others.What Should I Do If My Account is Compromised? If you are unable to sign in to your TikTok Shop account and no longer have access to the registered email or mobile phone number, please contact our Customer Service for assistance. As a precaution, your account will first be frozen to prevent further compromised access. You will then be asked to upload documents to verify account ownership. Upon verification of your documents and further investigation, you will be notified about the next steps to regain access to your account. Is the content above helpful?Next Inactive Seller AccountsYou may also be interested in9 lessonsManage Seller CenterStart setting up your profile with the basic and necessary information for a seller at TikTok ShopSeller Sharing - Underme VietnamUnderme Vietnam specializes in providing sporty lingerie for women on the TikTok Shop platform. Desp…Shop Ownership Change ProcessNote: You will only be able to change ownership from to individual to corporate/household sellers or…Violation Points & Milestones for SellersWhat are Violation Points? Violation Points are points issued to sellers who breach our policies an…How can I change my login email address or phone number asso…To update your email address/phone number, please follow the steps below: Login to your TikTok Shop…【Video】Homepage - All you need to checkFind your daily important information and action needed items on homepage. 2.1 Let’s Start Your Busi…Scam Prevention: Cash on Delivery (COD) Scam OrdersScam Prevention - Cash on Delivery (COD) Scam Orders TikTok Shop strives to provide a shopping exper…TikTok e-commerce short video music selection guideFor the purpose of upholding music copyright law, we recommend that everyone uses music with commerc…Adjustment Period for New ShopsNew Shop Adjustment Period All new shops on TikTok Shop start in the Shop Adjustment Period. During…Seller Sharing - Socomo ShopSocomo is a brand specializing in Korean-style women’s fashion, a rising star with a commendable tra…Table of contentsWhat is an Account Takeover?How Do Bad Actors Take Over Accounts?How can I Prevent Account Takeovers?Keep Login Information ConfidentialUse Secure PasswordsActivate 2-Step Verification (2SV)Ignore Suspicious Links and FilesBeware of Third Parties Offering Shop Services or PrizesManage your Shop’s Administrative and User PermissionsWhat Should I Do If My Account is Compromised?

Liên kết

Xem thêm:

Sơ đồ

Liên kết ngược