Rogue aggregators, fake accounts, fortunes lost: the fraudulent and organized sending of bogus SMS messages costs brands billions annually.
It’s not surprising given the boom in mobile phone applications.
One Time Password (OTP) authentication via SMS is the most common authentication method used globally for enterprises.
However, with all of that enhanced app-powered convenience for consumers comes increased opportunities for cybercriminals.
One of their more recent scams – Artificial Inflated Traffic (AIT) – is a significant contributor to an estimated $39 billion lost to US telecom fraud last year. AIT – where enterprises pay for authentication or other SMS traffic for fake users that don’t exist – can drain money from businesses, especially those that send high volumes of SMS. Enterprises with the largest user bases, such as big tech companies with millions or billions of users, are affected the most. In early 2023, one massive tech brand reported that it may have lost $60 million per year to bogus bot-generated traffic.
Everyone knows that cybercrime is virtually impossible to eradicate completely, but it is possible to mitigate effectively against the threat of AIT. To do so, enterprises and their IT service providers must partner with vendors with the tools and the know-how to strike back.
“AIT not only negatively impacts a company’s SMS costs, it can also severely damage customer trust levels and brand reputation – any investment that helps to prevent those things from occurring will deliver a swift return,” says Luca Sacanna, Head of Carrier Relations at Mitto, a leading provider of global omnichannel communications solutions, whose powerful, real-time traffic monitoring tools are a perfect example.
“Businesses should not take a chance on letting the problem continue. They should do all they can to put an end to bad actors hurting their brand.”
One of the most common types of AIT for SMS begins with fraudsters using bots to create fake customer accounts that require OTP authentication. Since OTPs aren’t considered spam by mobile network operators, firewalls that protect against certain types of spam are bypassed. By collaborating with a rogue SMS aggregator, artificial traffic can be separated from the genuine to mask any apparent abnormality, or it can be allowed to go through to meet unrealistic traffic volume commitments they may have with a network operator. Although the rogue aggregator fails to deliver a portion of SMS messages, it charges the customer and shares the spoils with its criminal partners.
By deploying AI, fraudsters can inflate traffic massively, either presenting as a one-off, large-scale event, or a slow volume of fake traffic that incurs costs over time.
As the exclusive gateway for many operators, and a service provider to many major enterprises, Mitto can proactively protect and defends its customers from AIT. It has access to a plethora of data regarding legitimate and illegitimate SMS traffic to which other companies do not. That real-time traffic monitoring gives it a unique ability to discover trends and spot anomalies. When suspicious activity is detected, it creates ‘fingerprints’ to identify and prevent future attacks.
“We constantly analyze many parameters such as volume spikes, delivery reporting, trends, velocity, destination, and number ranges,” says Sacanna. “We use predictive analysis to continuously improve our ability to detect patterns of real and artificial traffic, and spot red flags. For example, our knowledge of fraudulent number ranges using Global Number Range (GNR), Mobile Number Portability (MNP), and other proprietary data allows us to block illegitimate numbers in advance. We can also identify and block non-reputable aggregators.
“We not only have a machine learning algorithm to prevent AIT fraud, but we also have experienced and hands-on SMS routing experts who can monitor and block traffic, make sure traffic is consistent with where a brand operates, and minimize false positives.
When we see anomalies or fraud-related patterns, we can either alert our customers and give them the option to block traffic themselves, or we can manage the blocking of problematic traffic for them.”
In the omnichannel war against telecom fraud, Mitto is the kind of strong ally you need.
To learn more about how Mitto can help protect you and your customers against AIT, click here.
