Telcos must get a grip on the smishing threat
Smishing attacks or scam text messages grew by nearly 700% in six months in the UK, with calls on telcos to get a grip on the problem across the world, writes business technology journalist Antony Savvas
The rogue text messages, pretending to be from legitimate organisations such as banks, delivery companies and the phone networks themselves, aim to steal consumers’ money and personal information.
Proofpoint logs reports of smishing and has reported the above giant jump in the problem between the last six months of last year and the first six months of this year.
The attacks are a global problem, says Proofpoint, but reports of smishing in the UK are 15 times higher than reports of smishing in the US, it says.
It is believed there has been an increase in scams since the coronavirus pandemic broke out, as fraudsters looked to take advantage of changing shopping trends, with people ordering more online and getting greater numbers of deliveries to their homes, which usually generates legitimate messages to consumers.
Voicemail smishing, where scammers send a text pretending to have a link to a voicemail, is also a more recent threat technique.
No trust in texts
UK consumer champion Which?, says its research shows that 71% of people now say they don’t trust text messages from companies to be free from scam risks, which undermines a key segment of communication service providers’ business.
Best practice support
Mobile UK, the trade body representing mobile network operators; AICES, which represents delivery companies; and Consumers International, which speaks for consumer organisations in over 100 countries, are among those throwing their support behind the initiative.
In addition to these organisations, big delivery companies Hermes and DPD and banks Barclays and TSB, have also agreed to adopt Which?’s ten-point guide.
The guide recommends avoiding hyperlinks where possible, not including phone numbers and protecting company SMS Sender IDs so they cannot be spoofed by fraudsters.
Rocio Concha, Which? director of policy and advocacy, says: “Businesses must play their part to protect people from scams. Our SMS guide aims to help organisations differentiate their texts from the scammers impersonating them, so consumers can more easily recognise scam SMS messages.”
Mijo Soldin, director of operator strategy and partnerships at communications as-a-service firm Infobip, says mobile network operators have a crucial role to play as secure gate-keepers when it comes to smishing.
“The solution to this challenge is investment in AI (artificial intelligence) and ML (machine learning)-powered next-generation firewalls”, says Soldin.
“These can identify white route traffic and block grey route traffic, closing off low-quality, backdoor SMS routes, and are better equipped in tackling fraudulent SMS messages than their predecessors,” he says.
Soldin rightly adds: “The onus is on mobile network operators to protect customers, and creating solid digital defences, with next-generation SMS firewalls, will give telecommunication providers the upper-hand amongst competitors.”
With global communication service providers and the ecosystem around them looking to get the most out of the advanced business and consumer networks they are now building, the industry needs another technology cold war like a hole in the head.
We already have the turmoil still going on as a result of the US insisting that Huawei’s network kit is blocked from other countries’ new 5G networks, and ripped out from existing ones, on alleged potential spying grounds because it is a Chinese vendor.
Now, we have leading industry players afraid to speak to other Chinese companies in recognised network standards bodies.
Nokia has just returned to its activities in the O-RAN Alliance, after it was previously fearful of breaking US export regulations because of the involvement of Chinese companies in that Alliance. It had put on hold its activity in the standards body.
The Alliance is helping to develop cheaper open radio access network technologies, through allowing telcos to mix and match hardware and software components from different vendors to deliver advanced networks.
The technologies being developed as part of such standardisation efforts are designed to be global, interconnected and freely available, just like we are used to with the internet and the telecoms networks that support businesses and the activities of citizens around the world.
This ethos cannot be put back in a box, put on a shelf and marked “banned” as some sort of cold war exhibit.
The O-RAN Alliance says it has now made changes to its “participation documents and procedures”, after Nokia and others said they were concerned about working with Chinese companies named on the US Entity List, a list of companies the US claims pose a security threat.
Nokia was apparently afraid it could be hit with US legal action and sanctions from its involvement in the Alliance.
While it is unclear exactly what changes have been made to the Alliance’s working practices, it is also unclear what the US government will make of them, and whether this will be the end of the “problem”.
There will probably always be geopolitical tensions in the world, but in this case, hopefully a little dose of détente would prove useful, for everyone’s benefit.
Global tech firms have agreed to collaborate to increase diversity and equality in the technology industry, and comms firms are playing a leading part.
The #ChangeTheFace Alliance has been formed by Deloitte, Digital Boost, Ericsson, Facebook, Founders4Schools, Girl Effect, IBM, Nokia, PwC, Samsung, UN Women and Vodafone.
The founders are working together to share industry insights and best practice on diversity and equality, cooperate on initiatives to drive change and showcase Alliance member case studies for the entire tech industry.
Serpil Timuray, CEO Europe Cluster at Vodafone, says: “For the technology sector to reach its full potential, it needs to more fairly reflect the world in which we operate.
“As an alliance we will work together on the same goal: to build a digital future that is diverse and inclusive.”
Arun Bansal, president of Europe and Latin America at Ericsson, adds: “Diversity and inclusion are core to Ericsson’s values and as a global technology leader we believe in a total commitment to equal opportunity to ensure the digital future works for everyone, with no barriers of access.”
The idea for such an alliance was first launched by Vodafone last year, and now that it has the support of some big hitters, the effort will hopefully attract many others.
The author is Antony Savvas, a global freelance business technology journalist.