Fraud & Identity Fraud & Identity


Fraud & Identity Featured Article

April 18, 2017

How Secure is Your A2P Messaging?

There was a time when A2P messaging was simply known as application-to-person messaging. In some spheres, it was even referred to as enterprise or professional SMS. It was a convenient way for companies to reach out to numerous customers at one time, sending out deals and other offers to those who had subscribed to the service. However, A2P messaging, like too many other good things, has been tinged by the exploits of malevolent actors.


As we’ve discussed previously, grey routes are one of the most common causes of fraudulent A2P messaging. Grey route messaging occurs when A2P messages that originate outside of authorized networks infiltrate service provider networks. They do this by exploiting traffic channels that are meant for P2P (person-to-person) messaging. Essentially, people who did not sign up for alerts from a company start getting spammed with unwanted texts. Since it’s almost impossible for businesses to realize they’ve been infiltrated without the help of anti-fraud solutions, it’s difficult to stop the messages from going out. This ultimately results in heavy fines on the companies, a loss of reputation, and some very angry customers.

However, according to the Mobile Ecosystem Forum (MEF) there are 10 additional types of fraud that put genuine A2P messaging at risk—let’s take a look at a few of the most common techniques.

 Oddly enough, some of these fraudulent activities are caused by the companies themselves. For instance, Spam occurs when overzealous marketers knowingly send promotional messages to bought or farmed lists of telephone numbers in order to increase sales. It can also occur if the company does not manage its customer data correctly by failing to verify that customer numbers are correct or by not obtaining consent from said customer to send messages. Meanwhile, SMS Originator Spoofing hides the company’s true identity by making the receiver think the message is from someone they know. These two aren’t particularly harmful, just annoying.

On the other hand, there are various forms of fraud that are out to steal from/harm the customer. SMiShing (SMS Phishing) combines Spam and SMS Originator Spoofing, along with social engineering techniques, to text customers in an attempt to gain access to their online systems, accounts or data (ie. credit card information). On the same note, SMS Malware can be distributed through A2P messaging in an attempt to gain access to a mobile subscriber’s OS and sensitive information such as banking passwords.

Although there are various ways in which A2P messaging can be taken advantage of, the results are always the same. As MEF states, “Fraud within the messaging ecosystem affects everyone, be it directly or indirectly, no matter where you sit within the value chain. If consumers lose faith in SMS, or consumer complaints drive the imposition of overbearing regulations, then this quick, nimble, immediate and effective means of communication may be lost.”

A2P messaging was once an easy, trustworthy way to contact customers who had subscribed to the service. Now, each message sent out is a potential danger to the customer on the receiving end. It would be a shame to give up on this form of communication entirely, though, given that texting is so convenient. That’s why it’s important for companies to invest in anti-fraud solutions, to protect themselves and their customers.




Edited by Maurice Nagle

Article comments powered by Disqus






Industry Insights

(MobileID) Proactive Fraud Prevention

Interconnect-related fraud such as International Revenue Share Fraud (IRSF) and PBX hacking fraud continue to be a billion dollar problem to the telecom industry.

(Defender Shield) Defense solutions for the modern SMS ecosystem

SMS is a ubiquitous communication method for person-to-person (P2P) text messaging, which has been in use globally for nearly 20 years.

(Defender Shield) Preventing Grey Routes and the Multi-billion dollar Threat

The convenience of mobile messaging has brought communication efficiency to billions of consumers worldwide. As is often the case with widely accepted technologies; however, convenience can provide a vulnerable gateway to fraudulent activity.

Product Documents

Asset Protect

While unlimited or high-volume voice and SMS plans offer great value to subscribers, sometimes fraudsters exploit these plans to avoid paying termination and interconnect fees.

Defender Shield

In a world with ever-increasing Application-to-Person (A2P) messaging needs and competition, improving customer satisfaction and eliminating revenue leakage is key for protecting SMS profits.

MobileID

Accurate and cost-efficient routing of voice calls and SMS is critical. Unfortunately, gathering reliable routing data on ported numbers and keeping up with constant changes in number plans is expensive and time-consuming.

Fraud Solutions

Communications fraud is a $20B annual global problem and growing. Companies are looking for peace of mind so that their business and their customers are protected from the onslaught of technology crime that is damaging their reputations and their balance sheets.