Consumer protection champions Which? have released a useful 10-point best practice guide, to help businesses keep their customers safe when using SMS, aligned with the work of MEF’s own SenderID Registry Initiative. Here’s a quick overview of the guide and where to download it.
SMS is a useful and effective business tool, with the vast majority of messages successfully reaching the intended recipient and with high open rates. More businesses are now using SMS to reach their customers, but this also makes SMS a valuable tool for scammers who mimic these legitimate businesses in their smishing attempts.
At Which?, we share warnings about current smishing attacks to help consumers spot these scams so they can protect themselves. We warn consumers that lots of scam texts try to get you to click on a link or call back a phone number. These messages can also include language that makes consumers feel panicked into taking a certain action. While scammers regularly use these techniques, unfortunately some legitimate businesses do as well. This makes it almost impossible for consumers to spot which messages they can trust and which are fraudulent as some legitimate messages can look suspicious.
Which? wants businesses to use SMS in a way that helps protect consumers from SMS scams, so we’ve developed a best practice guide for businesses. This guide includes our top ten tips for what businesses should and shouldn’t do when using SMS to communicate with their customers.
MEF’s SMS SenderID Protection Registry was established to automate cross-stakeholder processes to reliably and quickly share information to facilitate an orchestrated blocking system. The online platform helps identify and block fraudulent SMS texts, protecting consumers, legitimate businesses and organisations falling victim to text messaging scams. It enables organisations to register the message headers used when sending text messages to their customers and limits the ability of fraudsters to impersonate a brand by checking whether the sender is the genuine registered party.