Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

SMS Spam – Thnx – C U in Court m8

Created: 20 Jun 2007 07:00:00 GMT • Updated: 23 Jan 2014 18:48:36 GMT
Ollie  Whitehouse's picture
0 0 Votes
Login to vote

In the words of the Ghost Busters, “We’ve got one…” We’ve got what?, I hear you ask. We now have an example of alleged SMS spam with some real statistics rather than the usual conjecture. We know SMS spam has been growing through the monitoring of such sites as Grumble Text [1] however we’ve never had true insight into the scale of a professional SMS spamming operation.

Well recently that changed - TelecomWeb broke the story [2] that,

“Verizon Wireless filed a lawsuit against Nev.-based I-VEST Global Corporation and various "John Does," alleging they sent unsolicited commercial electronic messages (wireless spam) to its customers.” and that “The lawsuit, filed in U.S. District Court in Trenton, N.J., alleges that, beginning in April, I-VEST attempted to send more than 12 million text messages to Verizon Wireless handsets, offering information about buying stocks or real estate. However, the carrier says spam filtering and network monitoring actions it took prevented the vast majority of "the messages from getting through to subscribers' handsets and resulted in fewer than 5,000 messages being delivered."

So this shows us that the attempt was of a reasonable size, and that the anti-spam and network monitoring tools in place allowed them to either automatically block or react in a timely fashion to block the spam run.

What about the court documents? Well the court documents are available on Pacer [3] and, while the first provides details of the complaint [4], both actually provide some examples of the SMS spam allegedly sent [4] [5 – Exhibit A].

From reading the court documents, some interesting things emerge. The first is that in the first document, [4] point 27, Verizon mention that they had to develop and purchase systems in order to combat the defendant’s Spam operation. Point 28 describes the strain that the attack placed on the Verizon SMSC and associated infrastructure.

Anyway, a fascinating insight into the scale and the ramifications of SMS spam on operators.

A short note to thank Khoi Nguyen and Eric Chien of Symantec, for bringing the information to my attention and finding the court documents, respectively.

[4] Verizon1.pdf
[5] Verizon2.pdf