GSMA Outlines Findings From Spam Reporting Service Pilot

By Gsma, PRNE
Wednesday, February 9, 2011

70% of SMS spam is financial fraud

LONDON, February 10, 2011 - The GSMA today announced the findings from its pilot of the GSMA Spam
Reporting Service (SRS), which was conducted from March through December 2010
in conjunction with AT&T, Bell Mobility, KT, Korean Internet & Security
Agency (KISA), SFR, Sprint, and Vodafone. The GSMA SRS provides a worldwide
clearinghouse of messaging threats and misuse which have been reported by
mobile subscribers. The GSMA SRS pilot validated the solution requirements to
address mobile messaging misuse caused by spam, which is a growing issue for
consumers, mobile operators and regulators globally.

"As mobile phones are such a personal medium, SMS spam feels like a very
personal violation and customers may be tricked into becoming victims of
fraudulent and damaging attacks," said Jeremy Sewell, chief operating
officer, GSMA. "The mobile industry is focused on eradicating this scourge,
and the GSMA SRS offers a simple solution that is straightforward and quick
to implement, low cost and hugely effective at identifying very diverse and
sophisticated attacks. Protecting the consumer and increasing messaging
security is a priority, and by proactively controlling SMS spam, operators
are able to maintain trusted customer relationships."

The pilot analysed SMS traffic and identified and aggregated reports of
misuse submitted by consumers to participating networks via a short code.
Analysis of the pilot data indicated that spam is found across all networks,
and at levels higher than originally anticipated. It also showed that
addressing this would help improve the security and stability of networks and
help lessen unwanted traffic on networks which currently clogs and wastes
valuable bandwidth.

"We are delighted to be providing the technology behind the GSMA Spam
Reporting Service and will continue to collaborate with the GSMA and member
operators to evolve the SRS platform in every effort to secure operator
networks globally," said Hugh McCartney, chief executive officer, Cloudmark.
"As messaging spam has the potential to have detrimental financial
implications on the mobile ecosystem, we are confident that this
collaboration with the GSMA and the global mobile community will have
significant and lasting value to the further development of the mobile
industry."

Attackers are using sophisticated message modification techniques and
transmitting low volumes of messages from each sending number to avoid
detection over a long period of time. Their methods vary across different
regions, making global collaboration even more critical to combating this
issue. Further findings show that most spam originates on-network, followed
by peer networks and then through internet services, but each mobile network
operator (MNO) in the pilot was able to identify the source of the spam and
take immediate action.

The GSMA SRS will provide data-driven analysis which will help operators
gain greater visibility into their networks and the attack trends affecting
them. MNOs can now understand the nature and methods of attack on the
network, and quantify the volume and impact of attacks to develop more
efficient and encompassing security strategies. The GSMA SRS will also enable
operators to share attack information with their peers within the MNO
community, helping build a collaborative defense against attackers. The GSMA
SRS enables operators to be even more proactive in strengthening their
internal security practices to address mobile spam, maintaining the integrity
and value of mobile messaging for consumers who are more and more frequently
using mobile to interact with financial, health, and legitimate advertising
services.

GSMA Spam Reporting Service Highlights

Although nearly one-tenth of spam attacks identified were adult in
content, the majority of attacks were for financial gain, with 70% of reports
of spam being for fraudulent financial services rather than the traditional
advertising scenarios found in email spam. Further, attacks can be split into
three categories:

    - Phishing attempts - where the attacker is attempting to collect
      financial information from the subscriber. This was often done using a
      URL in the message with a deceptive website or a call to action was to
      call a fraudulent call centre which attempted to harvest bank details
      or identity information. A typical message would be that the recipient
      had won a lottery or gift card and had to call to make their claim;
    - Social engineering scams - such as loan or gambling scams where the
      call to action was often to simply reply to the sender in order to
      then con the subscriber into transferring cash; or
    - Premium rate fraud - here a phone number was embedded in the SMS
      message and if the subscriber calls or texts the number premium rate
      charges are unwittingly paid to the attacker. A typical message would
      be a notification that the subscriber had received a dating or adult
      services message.

Some regional differences in the type and content of messages were also
observed. In Asia, the majority of attacks were driving click fraud relating
to gambling sites, followed by fraudulent loan services. In Europe,
approximately a quarter of reports related to fraudulent lottery, loan and
insurance claim services and a fifth were adult in nature. In North America,
there was a large proportion of reports relating to loans and pay day
advances.

GSMA Spam Reporting Service Methodology

The GSMA SRS pilot was carried out on behalf of the GSMA by Cloudmark,
Inc., who is now a formal partner providing the service on behalf of the
GSMA. The short code '7726', which spells "SPAM" on most phones, was used
where local national numbering plans permit, in conjunction with an
additional code '33700', a universally recognised simple code, to encourage
consumers to report instances of SMS spam. With this reporting mechanism,
consumers were able to direct alleged spam to a responsive feedback system,
which acknowledged the report and informed service providers so that
appropriate action can be taken. This action can include investigations,
warnings and blocking of senders who have been repeatedly reported by end
users as sending unsolicited or fraudulent messages.

GSMA Spam Reporting Service Results Presentation

The GSMA is holding seminars at Mobile World Congress 2011 in Barcelona
on the Spam Reporting Service pilot results, where participants can see the
data and hear the conclusions from the participants, understand the benefits
of being part of the solution and meet the industry experts:

    Hall 7, Seminar Theatre
    Monday       14th  Feb     0900-1030
    Tuesday      15th  Feb     1630-1800

For further information, please visit
www.gsmworld.com/our-work/mobile_lifestyle/5840.htm or contact
srs@gsm.org

About the GSMA

The GSMA represents the interests of the worldwide mobile communications
industry. Spanning 219 countries, the GSMA unites nearly 800 of the world's
mobile operators, as well as more than 200 companies in the broader mobile
ecosystem, including handset makers, software companies, equipment providers,
Internet companies, and media and entertainment organisations. The GSMA is
focused on innovating, incubating and creating new opportunities for its
membership, all with the end goal of driving the growth of the mobile
communications industry.

For more information, please visit Mobile World Live, the new online
portal for the mobile communications industry, at
www.mobileworldlive.com or the GSMA corporate website at
www.gsmworld.com.

Additional Quotes

"The mobile community has an increasingly critical role to play in the
fight against SMS Spam. Mobile spam reporting helps network operators detect
attacks quickly, empowers our subscribers, and allows us to maintain the best
mobile experience for our customers."

Scott McElroy, Vice President, AT&T Labs

"Participation in the GSMA project has given KISA a good opportunity to
be actively involved in the discussions for international cooperation, such
as standards formation regarding the spam reporting method. The KISA will
secure professional capabilities and aims to be a world leading organization
in the area of spam response in the future."

Rhee Myung-soo, Vice President, KISA

"We are pleased with the pilot results of the GSMA Spam Reporting
Service. The collaboration of operators in different regions around the world
compliments the success of Korea's national mobile spam reporting service. We
firmly believe that SMS messaging spam is a global issue and should be
addressed collaboratively with mobile operators and mobile consumers working
together in defense."

Juncheol Lee, Vice President, KT

"The GSMA SRS has provided valuable insight into the nature and method of
attacks on the network. As attackers continue to use more sophisticated
techniques and low volumes of messages to avoid detection, we can leverage
the data and knowledge gained from the GSMA SRS to address the threats with
the most effective and efficient security strategy."

Jean-Yves Poichotte, Group Information Security and Fraud Director, SFR

Ben Evetts, + 44-(0)-7879-614941, bevetts at webershandwick.com, press at gsm.org

YOUR VIEW POINT
NAME : (REQUIRED)
MAIL : (REQUIRED)
will not be displayed
WEBSITE : (OPTIONAL)
YOUR
COMMENT :