Bitcoin scammers sending MMS with 3GP videos: old format surprisingly effective


If you haven’t disabled MMS functionality on your phone, it is time to let this old standard go. Bitcoin scammers have been abusing it lately to enhance their fraudulent schemes.

Cybersecurity experts from Proofpoint warn about a fraud campaign that relies on video attachments in multimedia messages (MMS, Multimedia Messaging Service) to promote Bitcoin scams.

MMS messages are rarely used and even discontinued in some countries. MMS is an aging standard for multimedia messages superseded by more modern and free technologies such as Rich Communication Services (RCS), iMessage, or modern internet-based instant messengers such as WhatsApp or Signal.

ADVERTISEMENT

However, receivers are very likely to open an MMS message if they receive one, and fraudsters now are banking on this.

“99% of received mobile messages are opened, and 90% are read within just 3 minutes of receipt,” the Proofpoint’s report reads.

Globally, almost 6 billion devices are capable of sending and receiving text messages, and most of them are also capable of receiving MMS messages.

How does the scam work?

The campaign, dubbed VidSpam, or video-based abuse, relies on lightweight 14 kilobytes video file in 3GP format.

“This small video-based attachment is received on mobile devices and contains a ‘play’ button that allows recipients to easily start the video,” the researchers said.

“Clicking the button results in a brief, 2-second video that merely displays the static image.”

Unlike video files, the image contains no movement or animation.The messages often feature images of successful-looking individuals, fake awards, and promises of extraordinary daily profits to convince recipients into visiting a fraudulent website.

ADVERTISEMENT

The message body only contained an embedded link directing users to the attacker-controlled discussion forum.

Fraudsters urge recipients to click the link and joint the WhatsApp investment group, where they deploy the further high-pressure tactics, such as faux crypto related investment opportunities.

The 3GP container format was designed for 3G networks and optimised for small sizes and efficient streaming on mobile devices.

“This evolution is surprising and highlights how attackers adapt their methods to evade detection of traditional content filtering more commonly attuned to scanning text and image-based messages,” Proofpoint said.

A .3gp file is a multimedia container format designed for 3G networks and optimized for small file sizes and efficient streaming on mobile devices. The small size makes these files accessible on devices with limited storage and on slower networks. This combination of size and low resource use makes the format ideal for mobile devices on both low-data environments and modern 4G/5G networks.

Ernestas Naprys Konstancija Gasaityte profile Marcus Walsh profile Niamh Ancell BW
Don’t miss our latest stories on Google News

You can disable MMS messages

Most of modern smartphones allow users to disable the MMS functionality, however, it is enabled by default.

Disabling MMS can enhance your security and privacy, as these message often are less secure, sometimes carry extra fees, and are used to deliver potentially malicious or unwanted content.

If you don’t expect to ever use MMS, on iPhone, go to Settings, tap ‘Apps’, choose ‘Messages,’ and unselect ‘MMS Messaging’.

ADVERTISEMENT

On Android phones this may require more steps. First, in the Messages app you can tap three dots or settings icon, look for Advanced or More settings, and then toggle off “auto-download MMS” or similar option. Also, you may want to disable MMS access pointts by clearing MMSC, MMS proxy and MMS port fields in the Phone Settings. Here, choose ‘Connections,’ go to Mobile networks and select ‘Access Point Names’ to edit these three fields.

Proofpoint researchers also recommend avoid clicking links or downloading attachments from unknown sources, never sending money or sharing personal details with strangers online, especially over mobile messaging platforms.