GSMA Outlines Findings From Spam Reporting Service Pilot

LONDON, February 10, 2011 /PRNewswire/ --

- 70% of SMS spam is financial fraud

The GSMA today announced the findings from its pilot of the GSMA Spam Reporting Service (SRS), which was conducted from March through December 2010 in conjunction with AT&T, Bell Mobility, KT, Korean Internet & Security Agency (KISA), SFR, Sprint, and Vodafone. The GSMA SRS provides a worldwide clearinghouse of messaging threats and misuse which have been reported by mobile subscribers. The GSMA SRS pilot validated the solution requirements to address mobile messaging misuse caused by spam, which is a growing issue for consumers, mobile operators and regulators globally.

"As mobile phones are such a personal medium, SMS spam feels like a very personal violation and customers may be tricked into becoming victims of fraudulent and damaging attacks," said Jeremy Sewell, chief operating officer, GSMA. "The mobile industry is focused on eradicating this scourge, and the GSMA SRS offers a simple solution that is straightforward and quick to implement, low cost and hugely effective at identifying very diverse and sophisticated attacks. Protecting the consumer and increasing messaging security is a priority, and by proactively controlling SMS spam, operators are able to maintain trusted customer relationships."

The pilot analysed SMS traffic and identified and aggregated reports of misuse submitted by consumers to participating networks via a short code. Analysis of the pilot data indicated that spam is found across all networks, and at levels higher than originally anticipated. It also showed that addressing this would help improve the security and stability of networks and help lessen unwanted traffic on networks which currently clogs and wastes valuable bandwidth.

"We are delighted to be providing the technology behind the GSMA Spam Reporting Service and will continue to collaborate with the GSMA and member operators to evolve the SRS platform in every effort to secure operator networks globally," said Hugh McCartney, chief executive officer, Cloudmark. "As messaging spam has the potential to have detrimental financial implications on the mobile ecosystem, we are confident that this collaboration with the GSMA and the global mobile community will have significant and lasting value to the further development of the mobile industry."

Attackers are using sophisticated message modification techniques and transmitting low volumes of messages from each sending number to avoid detection over a long period of time. Their methods vary across different regions, making global collaboration even more critical to combating this issue. Further findings show that most spam originates on-network, followed by peer networks and then through internet services, but each mobile network operator (MNO) in the pilot was able to identify the source of the spam and take immediate action.

The GSMA SRS will provide data-driven analysis which will help operators gain greater visibility into their networks and the attack trends affecting them. MNOs can now understand the nature and methods of attack on the network, and quantify the volume and impact of attacks to develop more efficient and encompassing security strategies. The GSMA SRS will also enable operators to share attack information with their peers within the MNO community, helping build a collaborative defense against attackers. The GSMA SRS enables operators to be even more proactive in strengthening their internal security practices to address mobile spam, maintaining the integrity and value of mobile messaging for consumers who are more and more frequently using mobile to interact with financial, health, and legitimate advertising services.

GSMA Spam Reporting Service Highlights

Although nearly one-tenth of spam attacks identified were adult in content, the majority of attacks were for financial gain, with 70% of reports of spam being for fraudulent financial services rather than the traditional advertising scenarios found in email spam. Further, attacks can be split into three categories:

    
    - Phishing attempts - where the attacker is attempting to collect
      financial information from the subscriber. This was often done using a
      URL in the message with a deceptive website or a call to action was to
      call a fraudulent call centre which attempted to harvest bank details
      or identity information. A typical message would be that the recipient
      had won a lottery or gift card and had to call to make their claim;
    - Social engineering scams - such as loan or gambling scams where the
      call to action was often to simply reply to the sender in order to
      then con the subscriber into transferring cash; or
    - Premium rate fraud - here a phone number was embedded in the SMS
      message and if the subscriber calls or texts the number premium rate
      charges are unwittingly paid to the attacker. A typical message would
      be a notification that the subscriber had received a dating or adult
      services message.

Some regional differences in the type and content of messages were also observed. In Asia, the majority of attacks were driving click fraud relating to gambling sites, followed by fraudulent loan services. In Europe, approximately a quarter of reports related to fraudulent lottery, loan and insurance claim services and a fifth were adult in nature. In North America, there was a large proportion of reports relating to loans and pay day advances.

GSMA Spam Reporting Service Methodology

The GSMA SRS pilot was carried out on behalf of the GSMA by Cloudmark, Inc., who is now a formal partner providing the service on behalf of the GSMA. The short code '7726', which spells "SPAM" on most phones, was used where local national numbering plans permit, in conjunction with an additional code '33700', a universally recognised simple code, to encourage consumers to report instances of SMS spam. With this reporting mechanism, consumers were able to direct alleged spam to a responsive feedback system, which acknowledged the report and informed service providers so that appropriate action can be taken. This action can include investigations, warnings and blocking of senders who have been repeatedly reported by end users as sending unsolicited or fraudulent messages.

GSMA Spam Reporting Service Results Presentation

The GSMA is holding seminars at Mobile World Congress 2011 in Barcelona on the Spam Reporting Service pilot results, where participants can see the data and hear the conclusions from the participants, understand the benefits of being part of the solution and meet the industry experts:

    
    Hall 7, Seminar Theatre
    Monday       14th  Feb     0900-1030
    Tuesday      15th  Feb     1630-1800

For further information, please visit http://www.gsmworld.com/our-work/mobile_lifestyle/5840.htm or contact srs@gsm.org

About the GSMA

The GSMA represents the interests of the worldwide mobile communications industry. Spanning 219 countries, the GSMA unites nearly 800 of the world's mobile operators, as well as more than 200 companies in the broader mobile ecosystem, including handset makers, software companies, equipment providers, Internet companies, and media and entertainment organisations. The GSMA is focused on innovating, incubating and creating new opportunities for its membership, all with the end goal of driving the growth of the mobile communications industry.

For more information, please visit Mobile World Live, the new online portal for the mobile communications industry, at http://www.mobileworldlive.com or the GSMA corporate website at http://www.gsmworld.com.

Additional Quotes

"The mobile community has an increasingly critical role to play in the fight against SMS Spam. Mobile spam reporting helps network operators detect attacks quickly, empowers our subscribers, and allows us to maintain the best mobile experience for our customers."

Scott McElroy, Vice President, AT&T Labs

"Participation in the GSMA project has given KISA a good opportunity to be actively involved in the discussions for international cooperation, such as standards formation regarding the spam reporting method. The KISA will secure professional capabilities and aims to be a world leading organization in the area of spam response in the future."

Rhee Myung-soo, Vice President, KISA

"We are pleased with the pilot results of the GSMA Spam Reporting Service. The collaboration of operators in different regions around the world compliments the success of Korea's national mobile spam reporting service. We firmly believe that SMS messaging spam is a global issue and should be addressed collaboratively with mobile operators and mobile consumers working together in defense."

Juncheol Lee, Vice President, KT

"The GSMA SRS has provided valuable insight into the nature and method of attacks on the network. As attackers continue to use more sophisticated techniques and low volumes of messages to avoid detection, we can leverage the data and knowledge gained from the GSMA SRS to address the threats with the most effective and efficient security strategy."

Jean-Yves Poichotte, Group Information Security and Fraud Director, SFR

SOURCE GSMA