Fraud on mobile networks has grown exponentially in recent years. Smishing and messaging fraud has now reached a point of no return, with the volume of fraudulent messages forcing regulators and legislators to step in and combat bad actors. This blog post outlines the growing influence of regulators and what you can do to proactively combat fraud on your network.
More than 5.4 billion people worldwide subscribe to a mobile service. This number is expected to exceed 6 billion unique mobile subscribers by 2030. As more advanced technologies like 4G and 5G become more prevalent, and new, advanced services are developed my mobile operators, so too does the potential for harm for civilian and enterprise customers as a result of fraud. Every day, fraudulent actors or scammers are developing ever-more sophisticated scams to defraud mobile subscribers out of personal information or money.
With more and more consumers adopting a mobile-first approach to financial management, retail and other aspects of their day-to-day life, regulators around the world are now recognizing the need to protect citizens from these bad actors by ensuring that harmful and malicious messages do not continue to penetrate the messaging ecosystem.
How Are Legislators Tacking Messaging Fraud?
In the face of unprecedented levels of fraud on networks across the world, regulators are finally beginning to bare their teeth when it comes to combatting smishing and other types of fraud.
The Swiss market has long been considered the world leader when it comes to anti-fraud measures on their mobile networks. Swiss regulators have threaded the fine line between protecting user privacy while also giving operators enough leeway to protect themselves and their networks, with the result being that regulators globally are now taking their lead from Switzerland.
When the issue of smishing began to ramp up across Europe in 2020, Swisscom partnered with Openmind Networks for a solution. Openmind’s smishing detection service became an immediate success, deleting and blocking the vast majority of smishing messages. Check out the case study online here.
Switzerland is just one example of a number of regulators taking proactive measures to protect their consumers, networks, and enterprises from fraudulent actors.
ComReg, the communications regulator in Ireland, is looking to establish anti-fraud regulation to help combat voice and messaging fraud on Irish networks and we have also seen the use of Sender ID registries across APAC markets in recent years.
While a lot of regulation and legislation is focused on voice fraud such as Wangiri, fraudsters are increasingly leaning towards smishing and messaging fraud. These instances of fraud are easily automated and much harder to stop.
The Impact of Smishing and Messaging Fraud
The prevalence of messaging fraud erodes trust across the entire messaging ecosystem, impacting networks, end users and enterprises. On an almost daily basis, we see headlines about the financial impact of smishing, but what is often forgotten is that these large sums of money are being re-invested into future operations by bad actors. Fraudsters are incredibly well resourced and are increasingly using high-end, legitimate services to defraud people. As the legitimacy of the service increases, so too does the legitimacy of their messages.
Impact on Networks
Typically, the end-user consumer who actually receives the fraudulent message will not blame their network provider, but rather the brand or enterprise who appears to have sent the message. Operators will, however, suffer from brand damage with their enterprise customers if they cannot protect their network from bad actors.
Network providers will also be subject to regulatory fines for failing to protect subscribers, and put future revenue from A2P SMS at risk. This is something that operators can ill afford with increased expenditure on 5G and other upgrades required in the coming years.
Impact on End Users
Consumers are subject to the loss of personal information, monetary loss, and the potential social embarrassment of falling victim to a scam.
The end user consumers are the most vulnerable to smishing and messaging fraud – and the least equipped to combat it. They cannot, after all, control the messages that are delivered to their device.
Protecting citizens is the primary driver behind the increased regulation against messaging fraud.
Impact on Enterprise Customers
Like the network operators that they piggyback on, enterprise customers are subject to huge PR and brand damage from messaging fraud.
Enterprise customers such as financial institutions or logistics companies could also be faced with financial losses due to customer refunds and reimbursements.
If the messaging fraud problem is not eradicated, then enterprise customers who wish to reach their customers, may also face the costs associated with developing an alternative communication method to SMS delivery.
So how is the telecommunications industry responding to the challenge of messaging fraud? Do they have the resources to solve this problem, or do other players in the ecosystem need to step up as well?
Static operator firewalls were standard across the industry to block fraudulent messages on the network, but this technology is now outdated and is increasingly being out maneuvered by bad actors who are constantly adapting to the protections against their attacks.
Mobile operators do not want to “over block”, or access subscribers’ private messages, so the industry standard is to scan only messages that contain URLs.
In an attempt to fight fire with fire on this front, mobile operators are increasingly turning to AI network scanning to protect their network by blocking fraudulent messages in real-time. Today’s fraud actors simply have too many resources at their disposal, so AI is a necessary tool to combat smishing and messaging fraud. AI is an essential tool due to the sheer volume of messaging traffic, combined with the fact that bad actors are also utilizing AI.
Unfortunately, it is also the case that operators occasionally profit from fraudulent acts like artificially inflated traffic and SIM boxes that result in more messages being delivered, so some telcos do choose to look the other way when it comes to fraud.
This is not an issue that can be solved by the telecom industry alone. It will require close collaboration between governments, regulators, telecom operators and even software companies such as URL shorteners (who do not want their name associated with scams) to purge the networks of fraudulent actors.
If you would like to learn more about any of the topics covered in this article, or learn more about Openmind Networks’ suite of fraud prevention tools, you can contact our team of experts online here.