MMS is a rather old technology that is being pushed out of the market by proper messenger applications. Nonetheless, fraudsters seem to be interested in abusing it for their profit: tons of MMS scams appeared over the last few months, targeting different countries under different disguises. Let me explain in detail what they are about and how you can avoid such a danger.
MMS Scams Are on the Rise
The researchers have noticed a significant increase in messaging scams, i.e. ones that rely upon messages sent over cellular networks rather than through the Internet. Since May, reports of abusive mobile messages in the U.S. have surged by 39%. But within this trend, one notable aspect gets into eyes. Fraudsters are turning to old, seemingly forgotten technologies, with one of them being MMS abuse.
Over the same period, complaints about fraudulent MMS messages have skyrocketed by 220%. These scams often use images or graphics to enhance the credibility of their messages. Effects of such scams, however, are not really different from email or social media spam: lost money, exposed personal data and potential identity theft.
Short reminder – MMS is…?
MMS is short for Multimedia Messaging Service, one of two messaging technologies offered by cellular carriers. Back in the days when phones weren’t smart, this and SMS were the only way to exchange pics and text. MMS is built on the same foundation as SMS, but unlike the latter allows users to send and receive multimedia content via cellular network, such.
With the advent of iMessage, WhatsApp, and other messengers, this technology was thought to be obsolete. Quite a few cell carriers have disabled this service due to the absent demand. Still, it is so seamlessly integrated into mobile messaging today that most people don’t even notice when they’re using it. Well, scammers definitely notice, and aim at abusing it at any given moment.
MMS Abuse Details
The numbers paint a worrying picture. Since the beginning of the year, the reports about MMS scams surged by 429%, with most of the uptick happening in the last few months. In fact, the increase in scammer interest in multimedia messages started around October 2023, but was increasing pretty slowly until summer of 2024. Today, MMS scams represent over 21% of reported abuses.
The numbers are definitely influenced by the large number of devices capable of receiving these messages. We are talking not only about mobile phones, but also all IoT devices capable of holding a SIM-card. The overall estimate of the devices that may receive a scam message floats around 300 million in the US alone – that is about 90% of the country’s population.
Research has also shown how quickly people tend to read and respond to mobile messages, usually within just three minutes. That clears out the reason for such an unusual interest from cybercriminals: folks appear to treat cell messages as a more important, and probably a more trusted thing.
Scam Examples
MMS scams take various forms, but they all rely on visuals to deceive people. Con actors might send fake notifications pretending to be from banks or financial institutions, claiming there’s an issue with your account. There are 3 main types of fraudulent messages that you can expect – impersonation scams, fake invoices and delivery scams.
We begin with impersonation attacks, ones that target people under the guise of a renowned company or a person. Scammers use MMS capabilities to send the “proofs” of their legitimacy, i.e. documents or pictures of themselves. Though modern photo editing technology capabilities are known to a wide audience, such a fraud works mostly with elderly and children.
Key demand in impersonation scams is, as usual, money or sensitive information. Frauds tell about a lucrative “send money, receive twice as much back” program or about being in need of a tiny bit of money with the promise of 2-3 days return.
Delivery scams are one of the longest running ones, with attacks happening ever since major delivery services started sending notifications via SMS. The scammer sends a message pretending to be from a courier service like FedEx, UPS, or DHL. The message claims that a package couldn’t be delivered due to incorrect shipping details or unpaid fees.
The link that is always attached to the message should help with “rescheduling delivery” or “paying outstanding charges”. In fact, it leads to a phishing site designed to steal credit card information or personal details. These scams are especially effective during busy shipping seasons like the holidays, when many people are expecting deliveries and thus lose vigilance.
Another type of fraud is fake invoice scams. In this type of scam, you may receive a message that includes an image of a fake invoice or receipt for a product or service you didn’t purchase. The scam often claims you owe money and provides a link or phone number to “resolve the issue.” For instance, a scammer might send a message pretending to be from an online retailer, saying you’ve been charged for an expensive item you didn’t order.
How to Avoid MMS Scams
Staying safe from MMS scams doesn’t require much – just a little caution can go a long way. If you receive a suspicious message, especially one with images or links, avoid interacting with it. Only share your phone number with trusted sources to reduce the chances of being targeted. If a message includes a link, don’t click on it. Instead, use your browser or a verified app to visit the sender’s official website directly.
If you suspect a message is a scam, report it. iOS and Android devices have a built-in feature “Report Spam”. You can also forward the message to 7726 (SPAM) to alert your mobile provider and help improve scam detection. Lastly, always download apps from trusted app stores to minimize potential risks. Carefully review the permissions requested by these apps before granting access.
