Sinch expands to Brazil through acquisition of TWW - Find out more! Read more
A man in a pink shirt using his cell phone to send an SMS

UK smishing: How Sinch keeps your business protected

Fraud and Security, SMS · 05/09/2019 · 5 min read

by Sinch

In today’s increasingly digital world, we’re more at risk for data breaches and security threats than ever before. This means there are serious dangers in doing business via the internet and now mobile, and even more ways for fraudsters to compromise your customers’ data.

With the growing popularity of A2P (application-to-person) SMS, mobile users are at risk of receiving targeted campaigns aimed at stealing their personal information. This is especially true in the UK, where a new wave of mobile-phone based scams called “smishing” (aka SMS phishing) have emerged across all major Mobile Network Operators (MNOs). 

Much like traditional SMS spam, smishing can contain unsolicited marketing messages or unwanted content sent to mobile customers. These messages attempt to trick users to divulge personal details via SMS. Some scams even try to steal money via copycat websites that require payment or credit card details. The InfoSec Institute reports that well-known companies are often used to dupe victims. For example, Barclays was used to alert users of “suspicious activity” in their account, and asked the recipient to improve their account security by clicking on a purportedly secure Barclays link to update their security software. Response trigger: thank goodness someone is looking out for me. 

Scammers can also target mobile customers by using publicly available number ranges for each MNO. ISPreview notes that since May 2018, there has been a rise across all UK networks of bank fraud and in particular ‘port-out’ fraud which sees scammers contacting providers and requesting to change a mobile number to a new mobile network, before using it to empty victims’ bank accounts. 

How Sinch Can Help 

At Sinch, we take security very seriously. Its our top priority to keep your messaging traffic running smoothly and your customers’ data protected at all times. For example, we actively monitor for fraudulent SMS campaigns and suspicious activity on our platform. We take the necessary actions to block unwanted messages for any at-risk customers. 

To address the onset of smishing and the increase in fraudulent SMS activity mainly related to the banking industry in the UK, we have updated our filtering policies. This means that messaging traffic sent to certain +44 destination numbers related to specific brands will be blocked by our firewall to protect MNOs and mobile users from getting any spam or smishing messages. If you are a Sinch customer, we recommend that you monitor for error code 406 and contact your account manager for more details on what messaging traffic will be blocked by the Sinch filter.  

Get the Code 

In addition to hawkishly monitoring our network for fraudulent messaging traffic, Sinch is leading the charge with global industry leaders and influencers to create a more safe and secure mobile environment for all. Our mission: to drive market clean-up and major change within the messaging industry. So, we’ve joined forces with the Mobile Ecosystem Forum (MEF) to disrupt the norm with new guidelines for all A2P SMS players. It’s known as MEF’s Trust in Enterprise Messaging (TEM) service and Code of Conduct. 

The MEF Code of Conduct sets out the best practices for everyone operating within the A2P SMS sector. It’s based on 10 guiding principles on commercial, procedural and technical requirements, as well as an emphasis on consumer protection. As an enterprise business, it’s critical that you work with an A2P SMS provider that has your best interest at heart. Download our guide for all the details you need to know about the Code and how to protect your business from losing any customers in the long run. 

Contact Us 

At Sinch, we’re determined to tackle SMS fraud and protect both businesses and consumers. With more security threats like smishing cropping up each day, we’re committed to underscoring trust in enterprise messaging for all A2P messaging players. As a global leader, we’re dedicated to providing the highest quality SMS services with our deep Tier 1 integrations with mobile operators around the world. Contact us today!