Best practices for SMS carriers

Four Types of SMS Fraud

Skyward presents its extensive research on the most prevalent forms of SMS fraud and provides solutions to effectively counteract these threats.

In today's reality of hyper-connected world, the telecom industry faces an ever-looming threat of fraudulent SMS traffic, which poses a significant disruption to telecom carriers, undermining the reliability and credibility of their routes. Our primary goal is to tackle this issue by thoroughly analyzing the most prevalent forms of SMS fraud and devising effective strategies to combat them.

Phishing traffic

Among other fraudulent activities, phishing is the most common and most harmful one. It damages almost every carrier’s business causing significant losses in reputation and making operators apply strict regulation against incoming traffic.
In the context of phishing SMS traffic targeting A2P SMS carriers, the attackers exploit vulnerabilities in the system to send fraudulent messages that appear to be legitimate. They may disguise themselves as trusted entities such as banks, government agencies, or well-known brands to trick recipients into providing personal information, clicking on malicious links, or downloading harmful content.
This type of fraudulent activity can be identified through several distinctive features: it actively urges the recipient to engage in a financially beneficial action and consistently includes a hyperlink to facilitate this process. These deceptive websites often imitate reputable brands or local services, employing a phishing technique known as spoofing. However, they can be readily distinguished by their noticeably inferior quality and substandard design.

The recommended method in the industry for addressing this traffic is to manage it by maintaining whitelists of sender IDs and/or URLs that are known to be safe when communicating with potentially risky destinations. This approach enables carriers to ensure that only messages that have been pre-approved are allowed to pass through their important routes.


Gambling traffic

Although gambling traffic is generally not perceived as fraudulent, certain countries have strict regulations regarding this activity. Failure to comply with these restrictions may result in penalties imposed by local authorities.
The increasing shift of gambling activities to online platforms has opened up avenues for unauthorized casino and betting providers to establish their operations. This trend is particularly prominent in countries where legal alternatives are not available. The utilization of SMS traffic by these unauthorized companies poses a potential risk for A2P aggregators of getting restrictions from their suppliers.
The detection of gambling traffic is not a difficult task due to the consistent patterns and keywords present in the messages. However, the challenge lies in determining the legality of the identified traffic. This is because certain countries have intricate regulations regarding gambling, such as maintaining a dynamic list of licensed providers. As a result, aggregators must manually monitor and update their filters to ensure compliance with the changing regulations.
The recommended industry solution for managing gambling traffic is to maintain whitelists for countries where this activity is legally regulated. The implementation methods may vary based on the specific destination, such as using a whitelist of trusted domains or obtaining data on current casino and betting service subscribers to ensure that only they receive the messages.

Another effective method for handling such traffic is to employ solutions that process and classify SMS messages, including those with gambling content.

Unsolicited traffic

Unsolicited traffic, or "spam," is a significant issue impacting the SMS carrier industry that may often go unnoticed.
Unsolicited messages are any messages sent to the end-user without their permission, such as marketing traffic the person did not sign up for. The main cause of this traffic is artificial pumping (or AIT). Athough some SMS carriers may not feel the immediate impact of this traffic, it is important to recognize that unsolicited messages harm the entire industry by eroding trust in SMS as a reliable communication channel for businesses and customers.This trend ultimately forces enterprises to shift away from using SMS, leading to a notable decrease in the market.
Detecting and addressing this type of traffic can be challenging, as it is difficult to determine from the message itself whether it is expected by the user or not. Hence, operators should monitor fluctuations in delivery quality indicators, especially in comparison to the similar traffic profile, and ensure compliance with local regulations for message sending (e.g. sending SMS during DND hours, lack of wholesale out options, etc.).

To properly address the issue, sms providers should carry out regular activities such as maintaining country-specific traffic flow rules (e.g. not allowing marketing messages in DND hours), and performing number verification for the traffic with relatively lower delivery rates.

Furthermore, it is crucial to establish a transparent and seamless process for handling complaints regarding unwanted traffic. This will ensure that the source of such traffic can be traced back throughout the entire chain.


Artificial traffic

Artificially inflated traffic, also referred to as AIT or SMS pumping, poses a significant challenge for A2P aggregators. Moreover, this issue has a widespread impact on all entities involved in the SMS chain, ranging from enterprise originators to Mobile Network Operators (MNOs).
The concept of AIT traffic is rather straightforward - attackers generate fake traffic towards specific destinations using various methods. This seemingly small and simple action allows them to reap significant benefits: it helps fulfill the volume-based deals they have with their suppliers and overall boosts their revenue and profit margins. This scenario is particularly advantageous for providers who have exclusive partnerships with mobile network operators or strong connections with major OTT service providers.
Detection of AIT is a great challenge for the industry, as this traffic comes from trusted sources (major OTT players), contains regular text (OTP codes and notifications), and aims for real service subscribers.
The most effective strategy for the industry is to implement traffic validation services. However, there is a limited number of options available in the market that can effectively combat the AIT threat, particularly in real-time. One notable solution in this regard is the ATD system developed by Skyward.

Handling AIT is an industry-level challenge - every player should contribute with what they can to stop this disease. For A2P aggregators and SMS carriers the best practice will be reporting the AIT cases back to their customers to allow tracking them to the source.

Aggregators may also protect themselves by using inspection and detection services, some of which offer real-time detection and filtering (e.g. ATD) to stop the artificial traffic before it’s transmitted.

Note: AIT traffic can inflict detrimental consequences on SMS carriers, such as price exploitation. In situations where a company fails to update its rates during a general market increase, attackers exploit this vulnerability by inundating them with traffic until the outdated rate remains active.
Spam Detection System (SDS)
An example of a solution that process and classify SMS messages, including those with phishing, gambling, unsolicited, and artificial content is the Spam Detection System provided by Skyward. It has already demonstrated its effectiveness in assisting A2P SMS carriers in protecting their routes and filtering out potentially harmful messages.
To learn more about SDS, please visit the product page.