Art Art
November 28, 2023

SMS Fraud Threats

SMS Fraud Threats

Application-to-Person SMS Messaging serves as a potent marketing tool, empowering businesses to engage with their customers swiftly and cost-effectively. Companies employ it for dispatching notifications about promotions and discounts, confirming transactions, issuing time-sensitive alerts, and delivering one-time passcodes for two-factor authentication, among other purposes.

Simultaneously, A2P SMS traffic constitutes a substantial source of continually expanding revenue for mobile network operators. As per Statista, it is projected to yield a global income of approximately $53 billion for MNOs in 2023, with expectations of reaching $78 billion by 2027.

Regrettably, A2P SMS remains a favoured target for a variety of scams that impact all stakeholders: businesses, their clientele, and mobile operators alike. Furthermore, fraud is growing increasingly sophisticated and challenging to identify, compelling operators to seek more effective methods of gaining control over their networks and safeguarding them. Let’s explore the primary A2P messaging threats and emerging risks for 2023.

Traffic Filtering

In this fraudulent scheme, dishonest partners selectively deliver only critical messages, such as transactional ones, to companies’ customers, while filtering out informational and promotional messages, all while still receiving compensation for their delivery. This results in businesses losing a crucial channel for communicating with their audiences, and operators can suffer significant reputational damage.

Collusion with National Aggregators

This type of fraud capitalises on the distinction between national and international A2P billing and could lead to a substantial depletion of the operator’s revenues. In this scenario, an international partner collaborates with a local aggregator that already manages traffic termination for a local service. They mutually agree to transmit international A2P messages at a lower national A2P rate to evade paying the full price for the operator’s service.

SIM Farms

This popular fraudulent technique also exploits the pricing disparity, this time between A2P and P2P messaging. Fraudsters employ hardware equipped with numerous prepaid P2P SIM cards. A2P messages are initially delivered to this equipment and then dispatched from it as P2P messages, which is considerably cheaper. Scammers profit from the difference between the price paid by enterprises for sending A2P SMS and the cost of P2P messaging, while operators lose out on their rightful earnings. Sim farms are the most popular type of so-called gray routes. According to some estimates, up to 45% of all A2P messages can be sent this way, causing mobile operators to lose billions of dollars in revenue.

Flash Calls

Flash calls are becoming an increasingly popular method for companies to authenticate their users during two-factor authentication (2FA). Instead of sending the password in a message, they embed it in the incoming call number. Since there is no charge for these zero-duration calls, they are an excellent way for businesses to save money, while for operators, they mean losing some revenue from A2P SMS traffic. Although flash calls are not illegal, they exhibit all the hallmarks of fraud, as they enable scammers to utilize the services of mobile operators without paying for them. The popularity of this type of fraud is growing. It is predicted that operators will lose about $1.3 billion due to undetected flash calls between 2023 and 2027.

Artificial Traffic Generation

Artificial Traffic Generation is a relatively recent and escalating threat primarily affecting businesses, including famous brands. It involves triggering a surge in fake traffic from legitimate online services. Fraudsters employ bots to generate a vast number of counterfeit accounts within a company’s system, associating them with premium-rate numbers. All of these accounts subsequently request one-time passcodes to verify these numerous “users” in a two-factor authentication process. Companies incur substantial financial losses by sending passcodes to bots, and operators risk tarnishing their reputations.

In conclusion, it is essential to acknowledge that A2P SMS fraud is becoming progressively intricate and cunning. Attackers have honed their techniques to a high degree, making it substantially more challenging to identify their activities. The sole path for mobile operators to counteract such scams is to implement tools and practices that offer enhanced visibility into their networks. By investing in advanced fraud management systems, they can bolster their capacity to identify suspicious traffic, detect gray routes, and take measures to safeguard their customers, end-users, and revenues.

TelcoGuard’s customizable solutions is a key enabler for the sustainable growth of A2P SMS and voice traffic. Our advanced technology is designed to completely eliminate revenue losses for operators due to fraudulent message delivery, ensuring that A2P SMS traffic stays within legal and monetised channels.

Contact us today to learn more about how TelcoGuard can protect your revenue and ensure the financial future of your network.