Monday, December 23, 2024

Google Messages users are getting spam-like encrypted RCS messages

Must read

Summary

  • Encrypted text messages on Google Messages are likely from malfunctioning spambots seeking active numbers.
  • Message encryption ensures privacy, with only the sender and receiver able to access the content.
  • Google users receiving gibberish messages with legitimate links should avoid interacting, report using the built-in tool.



If you’ve received a new spammy-looking encrypted text message on Google Messages, you’re not alone. Google Messages uses Rich Communication Services (RCS), which is a more secure way to communicate via text, when compared to old SMS and MMS protocols. It offers a range of advanced features, including the likes of message reactions, delivery and read receipts, an option to share large files and media, and most importantly, privacy via end-to-end encryption.


With messages encrypted this way, no one, not even Google, can read your messages. The message can only be accessed by the user sending the text, and the user receiving it.

Related

Google has a drastic solution for RCS spam

A new confirmation dialog box will pop up when you tap on an external link

Many Google Messages users have recently reported receiving messages with a string of characters that appear to be the message’s content, albeit in an encrypted form. The message appears as gibberish letters and numbers, likely because it couldn’t be decrypted. A two-year-old Reddit thread has become the spot for grievance, with an influx of new comments on it in the past week suggesting that the issue is now widespread.


It’s worth noting that the original poster (OP) of the Reddit post was in a one-off situation, where a message from someone in their contacts list failed to be decrypted. Upon asking the contact to send the message again, decryption worked as intended, and the OP was able to read the actual contents of the message.

This time around, however, the large influx of comments all echo the same skepticism: The encrypted message was sent by an unknown sender, and that too from outside their immediate area code. This is also the case with folks at Android Police who’ve received a similar-looking message. Some users have also reported receiving said messages from different countries, including Indonesia, the Philippines, the Dominican Republic, Cameroon, Tanzania, and more.


The messages might originate from a malfunctioning spambot


The large number of comments on the Reddit thread all suggest one common thing among all the encrypted messages; they all have a legitimate link to Google’s support page, detailing how to troubleshoot messages you’re unable to receive or decrypt. It’s clear that these are actual text messages that are failing to decrypt, likely because of a failed handshake between the two devices, but the main concern is why people are getting these messages all together, and all of a sudden.

This is speculation, but considering that most of the failed messages are coming from unknown senders, it could be that the source is a spambot that’s gone rogue. We think that the spambot could be looking to identify and farm active numbers via read receipts, and the messages coming through without being decrypted is just a malfunction.

Although this doesn’t seem to be a zero-day RCS exploit, it does surely feel like spam/scam. If we had a powerful quantum computer, we’d likely be able to decrypt the message and explain what it’s all about. Unfortunately, for now, we’re unsure what these messages actually entail.


Until Google offers more clarity on the issue, users should remain vigilant. If you’ve received a similar message, do not interact with it. Alternatively, you can use Google Messages’ built-in reporting tool to flag the message.

Latest article