Enterprise messaging fraud costs the industry an estimated $2 billion per anum and is a persistent threat to consumer trust. Ultimately it undermines the long-term sustainability of all players within the enterprise messaging ecosystem.

MEF’s recently published Enterprise Mobile Messaging Fraud Framework 2.0, developed by MEF’s cross-sector Working Group and part of the Future of Messaging Programme, identifies the 13 types fraud types that are affecting the messaging ecosystem and the measures needed to tackle these sharp practices.

Over the coming weeks, MEF Minute will explain each fraud type in more detail.  This week, we take a look at SMS Originator Spoofing. Download the Framework now. 

Definition

SMS Originator Spoofing [Spoofing] is the act changing an originator to hide a sender’s true identity and trick a consumer into thinking a message is from
someone they know or a legitimate commercial entity. For example, by spoofing a short code or falsely using the originator “Apple”, or “HMRC” [UK
Tax Office] or ‘[your family member].

Spoofing does not involve the use random originators, which falls under SIM Farm Fraud.

Cause

• Lead generation by pretending to be a known company to verify whether a MSISDN is live and active, or to generate new business, eg, a sender pretending to be Vodafone to determine if a Vodafone customer’s contract is due for renewal
• Using a short code which offers a two-way reply path to return a consumer’s response to a rogue third party instead of a legitimate enterprise
• Sending unwelcome or abusive messages to an individual but pretending to be someone else
• SMS Phishing to extract sensitive personal and confidential financial information to try and steal from a mobile subscriber