large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Is TikTok safe? We asked 3 security experts to find out

As one of the fastest-growing social media sites in recent years, many parents have a lot of questions about TikTok.

To help alleviate concerns about the social media platform we asked three experts on social media and security about how safe users are, and how they can better protect themselves.

Keep scrolling to find out what they told us.

What is TikTok?

TikTok is a video-shared focused social media site launched in 2016 that has been downloaded over two billion times and has over 600 million users, as of this year.

TikTok is also a lot more popular with the younger generations, as 62% of TikTok users in the US are aged between 10 and 29, which isn’t that surprising, as the app is geared towards under 18s.

What are the main risks?

“TikTok has shot to fame in the past year, and while it can be a secure way to post content and engage with videos when downloading and using the platform, there are risks to be aware of,” Antony Demetriades, VP at McAfee told Trusted Reviews.

“Popular TikTok users have an increased digital footprint and their potential risk of falling victim to phishing attacks. Criminals can target high profile users and impersonate their accounts to send fraudulent messages to other users.

“As such, TikTok has created a detailed series of community guidelines which are designed to outline what is, and what is not acceptable on the platform,” Demetriades explains.

A phishing attack is where someone sends a fraudulent message that is supposed to trick the receiver into clicking on a dangerous link, or revealing sensitive information about themselves.

“TikTok carries many of the same risks as other social networks like Instagram and Snapchat. TikTok collects personal information about its users for advertising purposes,” says Paul Bischoff, Editor of Comparitech.

“Third parties can get that information by scraping it. TikTok is owned by a Chinese company.

“Although there’s been no evidence that the Chinese government spies on TikTok users, you probably shouldn’t use it if you work for the federal government or are required to protect trade secrets.”

Do hackers target TikTok and if so do they have any specific attacks?

“We don’t see TikTok targeted more than any other social media platform. Hackers will try to harvest user data and distribute phishing links but this is the case with pretty much all social media,” Tom Gaffney, security consultant at F-Secure told Trusted Reviews.

Since TikTok is a video-sharing platform, there is less emphasis on direct messaging like there is on Facebook or Twitter. Plus, on TikTok, only users aged 16 and over can send and receive direct messages.

“Most attacks on TikTok involve social engineering, not breaking the app’s security. Attackers use scams and phishing to trick users out of their money and passwords. Any security vulnerability in TikTok would be patched quickly, but phishing and scams aren’t going away,” says Bischoff, also highlighting the danger of phishing attacks.

Would you let your kids use it?

“During the pandemic specifically, children have become extremely reliant on tech to engage with friends and family virtually,” Demetriades went on to say.

“TikTok became popular amongst children at the start of the pandemic in early 2020, which has led to over 1 billion users using the app. However, due to more children becoming more and more connected online, the risk of engaging with harmful content across the platform and unknowingly sharing personal information has also increased.

“As with any technology that children may use, it’s important to monitor them when using internet-connected devices and begin to have conversations with kids about potential online dangers early on.

“This will arm children with the knowledge they need to stay safe online. Parents and guardians are advised to regularly check to see what apps and services are being used, and to invest in mobile security solutions,” Demetriades explained.

TikTok users need to be 13 to sign up, and anyone under 13 will be put into the Younger Users version of the app, which has additional privacy and safety protections. However, TikTok does not vet the ages of its users, so children under 13 could still sign up.

“I have a 12-year-old – and absolutely not. However, I also have a 15-year-old who I do allow to use it,” Gaffney revealed.

“It’s used by all her peers and to not let her use it would exacerbate the ‘FOMO’. But we have conversations about how she uses it and the content she views.

“It’s true TikTok has a degree of unpalatable content. But the same is also true of YouTube, it’s just that, as a newer platform, TikTok has had some trouble getting its defences in place.,” Gaffney went on to say.

What data does TikTok collect?

“A lot. It has a long way to go when it comes to privacy. The general user terms are pretty opaque and there is a number of good studies showing its data collection exceeds that of even other social media companies,” Gaddney claims.

“TikTok tracks you, not just in its own app but if you’re logged in, it will profile your device (phone) and other accounts you access (though not the login details).”

When you create a TikTok, the app asks you for personal information to set up your account, but it’s important that you don’t share this with anyone else on the site.

“Here’s the more notable stuff: email, phone number, age, profile image and info, content you post, payment info, contact lists, IP address, advertising IDs, app and file names, keystroke patterns, location, biometric identifiers (face and voice prints), messages, uploaded content metadata, cookies, and web beacons,” says Bischoff.

What are the best ways for users to protect themselves? 

“Don’t respond to or click on links or attachments in unsolicited messages. Minimize your digital footprint by revealing as little personal information as possible in your profile and posts,” Bischoff recommends

“Don’t use your real name. Reject unnecessary permissions like access to your location, contact lists, keyboard, and clipboard. If you need to send private messages, choose a different messaging app with end-to-end encryption like WhatsApp, Telegram, or Signal.”

TikTok doesn’t have end-to-end encryption like some other apps, making it less safe to send private or personal direct messages.

“Avoid clicking links from unknown users and block posts from accounts you don’t recognize,” Gaffney says.

“For kids, TiTtok has a number of tools to help parents limit exposure of children from seeing the content.

“Parents can ensure children use the appropriate age settings on the app or for best protection use the “pairing feature”, which allows parents more granular controls.”

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.