What is SMS Spam?
SMS spam is defined as any unwanted text message received on a mobile device. Like email spam, SMS spam can range from unsolicited advertising to social engineering hoaxes to harmful attempts to steal subscribers’ personal and financial details. In 2010, the GSMA and Cloudmark ran a pilot of a subscriber-focused spam reporting service with six mobile operators around the world, which found that most spam (70%) is designed to defraud the recipient.
Types of SMS Spam
Most spam messages contain some sort of call to action, the most common of which are listed below:
- “Call me now”. Often used with a reward card, insurance claim or lottery scam where the subscriber clicks on a number and speaks to a fake call centre that attempts to steal personal and financial details.
- “Click here to view”. Embedded in the message is a link to a website, which may be offensive or inappropriate or may be paying the attacker commission to deliver visitors.
- “Forward this message”. This is generally used in social engineering hoaxes where subscribers are encouraged to forward the message on to all of their contacts in return for a reward.
The vast majority of fraud attempts via SMS involve asking consumers to sign up for premium rate services or call premium rate numbers. The scam often starts when a mobile phone user gets a message offering a prize if they call to claim it. Analysis from Juniper Research in May 2011 revealed that SMS trojans sending messages to premium rate numbers were responsible for 17% of all reported mobile security attacks.
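For operators or analysts triaging reported messages, the calls to action and the premium-rate pattern described above can be turned into simple tagging rules. The sketch below is an added example, not part of the GSMA material; the regular expressions, the label names, the premium-rate prefixes (UK `09`, US `1900`, national format only) and the sample messages are all assumptions constructed for illustration.

```python
import re
from collections import Counter

# All patterns and prefixes are illustrative assumptions, not GSMA rules.
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
PHONE_RE = re.compile(r"\+?\d[\d\s\-]{6,}\d")
CALL_RE = re.compile(r"\b(?:call|ring|dial)\b", re.I)
FORWARD_RE = re.compile(
    r"\b(?:forward|pass|send)\s+this\b.*\b(?:contacts?|friends|everyone)\b",
    re.I | re.S)
LURE_RE = re.compile(r"\b(?:prize|won|winner|lottery|reward|claim)\b", re.I)
# Sample premium-rate prefixes; replace with the national numbering plan.
PREMIUM_PREFIXES = ("09", "1900")

def classify(text):
    """Return the sorted call-to-action labels found in one message."""
    labels = set()
    # Normalise each phone-like token to bare digits before prefix checks.
    numbers = [re.sub(r"\D", "", m) for m in PHONE_RE.findall(text)]
    if URL_RE.search(text):
        labels.add("click_here")
    if numbers and CALL_RE.search(text):
        labels.add("call_me_now")
    if FORWARD_RE.search(text):
        labels.add("forward_this")
    if any(n.startswith(PREMIUM_PREFIXES) for n in numbers):
        labels.add("premium_rate")
    if LURE_RE.search(text):
        labels.add("prize_lure")
    return sorted(labels)

def tally(messages):
    """Count how often each label appears across a batch of reports."""
    return Counter(label for msg in messages for label in classify(msg))

# Constructed sample reports (not real traffic).
SAMPLES = [
    "You have WON a 500 reward card! Call 0900 555 0142 now to claim.",
    "New game for your phone, view it here: http://example.test/game",
    "Forward this message to all your contacts in return for a reward.",
    "Running late, call you at 6",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(classify(msg), "<-", msg)
    print(tally(SAMPLES))
```

Keyword rules like these only sort reports into buckets for review; an empty label list, as for the last sample, does not by itself mean a message is legitimate.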
Malware, short for malicious software, is designed to infiltrate a mobile device without the owner’s informed consent. The consumer typically receives a message containing a link that purports to lead to a game or another app. Clicking on the link downloads the malware, which may be designed to hijack the device to send out more spam messages or to collect personal data that can then be used for identity theft.
Four of the most common forms of malware include:
- Virus: A malicious computer application that is able to reproduce itself. It can infect a new host when an unsuspecting user sends it over a network or the internet.
- Worm: A self-propagating malicious computer program. It sends copies of itself to other nodes on the network. A worm can spread and infect numerous hosts very quickly in a networked environment.
- Trojan: A destructive program that disguises itself as a benign application. It does not replicate itself, but instead gives hackers unauthorized access to the infected host. Another severe form of a Trojan is keystroke logging, where a hacker covertly tracks (or logs) a user’s keystrokes without their knowledge or consent.
- Botnet: A computer program that resides on a device and is under the control of an unauthorized third party. Recent attacks have involved botnets harvesting personal details and sending unauthorized SMS from infected handsets.
The difference between email spam and SMS spam
Traditional email spam relies on large volumes and low cost of delivery to deliver a return to attackers. SMS attacks, however, are often low volume but have a significant impact on subscribers in terms of potential loss, and damage the mobile operator’s brand. There are several other reasons why SMS spam attacks differ from email attacks. These include:
- The billing relationship: Unlike email users, mobile subscribers have a billing mechanism in place to pay for calls, messages, data and premium rate services. An attack involving a premium rate number can be highly profitable for the scammer.
- The level of trust and willingness: Mobile phone subscribers tend to trust the SMS messages they receive. Any message purporting to be from a friend or trusted organization, such as a bank, is generally opened, read and acted upon. Smartphone users are also increasingly willing to download applications for mobile banking, stock trading and entertainment.
- Touchscreens: With the increasing number of touchscreen smartphones now available, it is all too easy to accidentally click on a link to a premium rate number or website.
Why is the GSMA Involved?
The issue of mobile messaging misuse is a global, inter-operator problem, which requires a comprehensive spam mitigation strategy by the industry as a whole. Representing almost 800 mobile operators worldwide, the GSMA is ideally placed to lead a concerted programme to combat SMS spam.
Through the GSMA, mobile operators can quickly and easily exchange information about spam, enabling them to pinpoint the sources of unwanted messages and take appropriate action. The involvement of the GSMA also helps the Spam Reporting Service gain economies of scale and benefit from network effects, enabling it to be a highly efficient and effective weapon against unwanted SMS messages.
More broadly, one of the GSMA’s primary goals is to ensure that consumers can trust the security of GSM networks. It is vital that the industry works together to maintain consumer confidence in the integrity of mobile networks and devices, which are used to deliver highly personalised services.