Fraudulent SMS messages targeting subscribers are rampant worldwide. These messages are more malevolent than nuisance spam – they are used to spread malware, lure unaware recipients into revealing bank account or credit card details, or into calling expensive international premium numbers. Comprehensive solutions exist to tackle these problems, but there are many immediate steps Operators can take to minimize the impact of fraud on their network and subscribers.
- Audit the Rules on your SMS Firewall
Yes, you probably have an SMS Firewall sitting in your network. Perhaps it still has the default rules configured by your vendor during its initial installation. Yes, it may have limited functionality and lack modern features such as Machine Learning, but an SMS Firewall is an essential building block to any SMS Fraud prevention measures. Review the rules configured on your firewall, make sure they are up to date, and ensure all incoming messages into your network are screened by the Firewall before being delivered to customers.
- Put a Shortcode in Place to Allow Subscribers to Report Fraud
Your subscribers are the targets of SMS Fraud and they undoubtedly feel annoyed and irritated when they receive a message the believe to be fraudulent. They are probably concerned about what would happen if a vulnerable young or elderly person received such a message without realizing the potential danger lurking behind the harmless appearing URL. Let your subscribers be your allies in the fight – give them a way to forward these messages to a convenient short code so that they can report these messages to you. You will then be in a position to respond to attacks on subscribers, and you will have some idea as to the extent of the problem on your network.
- Ensure you have a Process for Responding to Attacks
Unfortunately, SMS Fraud attacks are a regular occurrence. You need to have a process in place to establish what is happening and respond to the threats. Your Firewall may need to be updated, and you need a way to send a warning to subscribers about the risks they may face. Organize the various stakeholders in your company, make sure you have a feedback loop in place that captures details of an attack, implements mitigations, and provides informative alerts to those who need it.
- Get Executive Buy-In to Tackle the Problem
At most operators today, the SMS service has become underfunded and under-resourced. It is no longer the money machine of old, and Executive attention has been drawn away to shiny new services such as 5G and IoT. Despite this, it remains an essential service and needs to be protected. Provide reports to your Senior Management and Executive so they can understand the extent of Fraud impacting you subscribers and the risk this poses to your business. If your Executives are not aware of the potential business implications of SMS Fraud, they are not going to provide you with the resources to deal with it.
- Ask Experts for Help
You are not alone. Expert vendors in Messaging and Fraud have services and solutions available that can protect your business and subscribers from malicious messaging activity on your network. Talk to your existing vendors – if they are not ready to help there are others that are. The industry as a whole is awakening to the threat posed by mobile malware, criminal activity, and even nation-state attacks on critical infrastructure via the mobile network. Don’t be afraid to reach out to those that are ready to assist. SMS based attacks have been increasing year-on-year since the onset of the pandemic, and in these dangerous and troubled times, now is not the time to be complacent or ignore weaknseses you know to exist in your messaging network.