One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8646760 |
| Date de publication | 2025-02-04 14:19:22 (vue: 2025-02-04 10:07:57) |
| Titre | VidSpam: A New Threat Emerges as Bitcoin Scams Evolve from Images to Video |
| Texte | Key takeaways Attackers are now leveraging video attachments in multimedia messages (MMS) in mobile to promote Bitcoin scams, marking an evolution from static images. A reported video message came in a lightweight 14KB.3gp file-a unique approach for convincing victims to click links and engage with scammers. Recipients are lured to WhatsApp groups, where scammers use high-pressure tactics to extract money or personal information. MMS abuse is expected to grow with increasingly deceptive multimedia content to target unsuspecting individuals. Overview The rise of image-based Bitcoin scams has been a growing concern for defenders in the mobile space. Attackers use eye-catching, fraudulent images to lure victims into schemes promising extraordinary financial returns. Now, a new and troubling trend is emerging: video-based abuse (VidSpam), where attackers are leveraging small video file attachments to further enhance their deception tactics. Bitcoin image abuse No sooner had we sounded the alarm about image abuse becoming a widespread attack technique targeting mobile device users, through image message spam, than Proofpoint researchers noticed the emergence of video message abuse, adding another layer to scammers\' tactics. Bitcoin scams via MMS images have become commonplace in unwanted message reports. These scams often feature images of successful-looking individuals, fake awards, and promises of extraordinary daily profits. Their sole goal: to convince recipients to part with their hard-earned money. Example of Bitcoin image spam. Scammers take advantage of the belief that people have made money in cryptocurrency markets, and their scams leave victims financially drained. A surprising development: video in MMS In mid-December 2024, Proofpoint researchers identified an MMS based message with a Content-Type: a video message header and a .3gp file attachment was reported to a carrier and Proofpoint\'s Mobile Abuse Visibility solution as unwanted. This small video-based attachment is received on mobile devices and contains a “play” button that allows recipients to easily start the video. Clicking the button results in a brief, 2-second video that merely displays the static image shown below. Unlike most video files, there is no movement or animation in this video-it simply presents the graphic as if it were a still image. .3gp video as shown in messaging app. What is a .3gp file you ask? A .3gp file is a multimedia container format designed for 3G networks and optimized for small file sizes and efficient streaming on mobile devices. The small size makes these files accessible on devices with limited storage and on slower networks. This combination of size and low resource use makes the format ideal for mobile devices on both low-data environments and modern 4G/5G networks. The video attachment in this example was crafted to be a mere 14.1KB, an unusually small size for a video file. The message body only contained an embedded link directing users to the attacker-controlled discussion forum. This evolution is surprising and highlights how attackers adapt their methods to evade detection of traditional content filtering more commonly attuned to scanning text and image-based messages. The small video size results in a video with very low resolution and poor quality. Its purpose is not necessarily to entice users visually, rather, it\'s designed to add credibility and increase the likelihood that the recipient engages with embedded content or through a message response. VidSpam Bitcoin message. How the scam works The MMS message contains both a message body and video attachment. The message body typically contains nothing more than a link to a URL redirection service, which directs the user to an attacker-controlled webpage. The video attachment is intended to add credibility, while the body urges recipients to click the link and join a |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 14kb 1kb 2022 2023 2024 2025 3gp 4g/5g about abuse abuse accessible across adapt add adding additionally advantage adverse ahead alarm allows amplify android animation another app approach are artificial ask assess attachment attachments attack attacker attackers attractive attuned audience available avoid awards based battle because become becoming been before belief below best bigger billion billions bitcoin body both brief broader built butchers button came can carrier catching chains challenges changing click clicking collaboration com/l8d8cteibi28wwqsvwezsa combination commonly commonplace complete concern concerning conclusion conducted constantly consumers contained container contains content controlled convince convinced convincing cooper crafted credibility credulity crypto cryptocurrency daily data december deception deceptive defenders demonstrates deploying designed detection development: device devices directing directs discern discussion displays documented dollars don downloading drained due early earned easily economy: effective efficient embedded emergence emerges emerging emerging: enabling encompass engage engages enhance entice environments era especially essential evade even ever evolution evolve example exchange expected exploit extract extraordinary eye fake fbi feature features fellow file files filtering financial financially format forum fraud fraudsters fraudulent friendly from further generated generative gig global goal: graphic greater group groups grow growing had hard harder has have header here high highlights highly how https://chat ic3 ideal identified image images impact increase increasingly individuals industry information inside intelligence intended introduces investment invitation ios its job join junk” just key layer leave legitimate leveraging lightweight like likelihood likely limited link links looking lost low lure lured made make makes making markets marking massive materialize matures may mere merely message messages messaging methods mid minutes mms mms mobile modern money more most movement multimedia must necessarily networks never new not nothing noticed now number offers often once one ones only opened opportunities optimized out over overview part payments people personal picture pig platforms poor post: potential practices presents pressure previously price profits promises promising promote proofpoint protected: purpose pwc pwc: quality rather reach read receipt receive received recently recipient recipients redirection refine related remain report reported reporting reports representing represents research researchers resolution resource response results returns reviews rise run scale scam scammers scams scanning schemes second seekers seeking send service share shared show shown shows signal similar simply size sizes skeptical slower small sole solution some someone sooner sophisticated sophistication sounded sources space spam spam” speed start static stay staying step storage streaming successful surprising suspicious tactic tactics take takeaways target targeting tasks technique text than these those threat threats through tools traditional trend troubling trust type: typically unique unknown unlike unrealistic unsolicited unsuspecting unusually unwanted uphill urges url use used user users using very victim victims video vidspam vidspam: vigilant visibility visually waterhouse webpage what whatsapp where which who why widespread will within works write yet your “play” “report |
| Tags | Spam Tool Threat Mobile Prediction |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.