The GSMA has reported some of the findings from its Spam Reporting Service (SRS), which ran from March through December last year with support from AT&T, Bell Mobility, KT, Korean Internet & Security Agency, SFR, Sprint and Vodafone. The service, run by Cloudmark, collected and analysed text messaging threats and misuse that were reported by mobile subscribers.
Jeremy Sewell, the GSMA’s chief operating officer, said: “As mobile phones are such a personal medium, SMS spam feels like a very personal violation and customers may be tricked into becoming victims of fraudulent and damaging attacks. The mobile industry is focused on eradicating this scourge, and the GSMA SRS offers a simple solution that is straightforward and quick to implement, low cost and hugely effective at identifying very diverse and sophisticated attacks. Protecting the consumer and increasing messaging security is a priority, and by proactively controlling SMS spam, operators are able to maintain trusted customer relationships.”
Data from the Spam Reporting Service indicated that spam is found across all networks and at levels higher than originally anticipated. It also showed that reducing SMS spam would help improve the security and stability of networks while also saving bandwidth by reducing unwanted traffic.
Most spam was found to originate on the same network that received it, although peer networks and internet services were also used. In each case, mobile network operators in the pilot scheme were able to identify the source of the spam and take immediate action.
The majority of attacks were for financial gain, with 70% of spam reports worldwide being for fraudulent financial services. Adult content was involved in almost a tenth of messages. There were three main categories of financial fraud:
Phishing attempts - where the attacker attempts to collect financial information from the subscriber. This was often done using a URL in the message that led to a deceptive website, or a request to call a fraudulent call centre that attempted to harvest bank details or identity information. A typical message would claim that the recipient had won a lottery or gift card and had to call to make their claim;
Social engineering scams - such as loan or gambling scams where the call to action was often to simply reply to the sender in order to con the subscriber into transferring cash; and
Premium rate fraud - where a phone number was embedded in the SMS message. Premium rate charges are unwittingly paid to the attacker if the subscriber calls the number. A typical message would be a notification that the subscriber had received a dating or adult services message.
In Europe, approximately a quarter of reports related to fraudulent lottery, loan and insurance claim services and a fifth were adult in nature. In Asia, the majority of attacks were driving click fraud relating to gambling sites, followed by fraudulent loan services. In North America, there was a large proportion of reports relating to loans and payday advances.