North America SMS SPAM – The Case of the Recent Cross Carrier SPAM

Interesting tidbit: I subscribe to the Messaging Newsemail newsletter. (I don’t actually remember signing up for it – buthey ho). I couldn’t find this replicated on their site so I am going toquote the interesting bits of the newsletter.

What caught by eye was the title ‘Cell Phone Users Experience Text Spam’. We’ve discussed this before with the most interesting incident being when one operator took legal action. Anyway back to the Messaging News newsletter, they said the following:

“Across the country this past weekend, many folks received a spammessage for the first time. While a common problem with email, theshear volume that bypassed filters resulted in this being the firstinstance of text spam to be received by so many cell phone users. Itwas the usual stock offering spam.”

They then when into more detail, before getting quotes from a number of operators:

“Verizon Wireless suspects the attack used an automated randomdialer.”We take great lengths in the way of filters and technology toactually block most of these," notes Verizon Wireless spokeswomanGeorgia Taylor. "Up to 50,000 text messages are blocked each day."Sprint spokeswoman Caroline Semerdjian believes there were twosimultaneous spam attacks that worked to overload their filters,allowing many of the junk messages to make it through to users' phones.Customers of AT&T and U.S. Cellular have also acknowledgedreceiving the same spam message. If this persists, one can only imaginethe headache this will cause the major carriers, as customer service isclogged with refund requests for unwanted text messages.”

If nothing else, this is anecdotal evidence that it’s getting worse,since assorted PR teams are aware and willing to comment on the issue.Also, don’t forget this is only two months since legal action was filedagainst one SMS spammer…

I guess, sadly, our predictions, although obvious, are starting to slowly be born out. I guess thecost barrier in sending SMS messages has become so low that thespammers are seeing enough of a return to go down this route. I guessthis is a good time to also mention that the forthcoming Norton MobileSecurity does have anti-SMS-SPAM functionality.

Finally Eric Chienfrom Symantec popped me an email to let me know about Yahoo launchingtheir SMS gateway [5]. This is interesting as it uses Web 2.0technologies via their Web Chat system to allow you to converse withpeople via SMS. While I applaud Yahoo for their convergence push, itdoes obviously raise interesting potential issues around securityfurther down the line (no need to detail them here to help the badpeople). Eric did note that Yahoo had at least considered thepossibility of abuse – the first time you send a message to someone viathe system it sends a message to the user saying:

“"The Yahoo! Messenger user "iheartsymantec" has sent you a message,Reply with "y" to this message to accept. For more info, visitmobile.yahoo.com"

This should prove a bump in the road at least.Interesting time for mobile messaging and the threats they are goingto face. I guess it’s time to get the popcorn and see how it allunfolds.