More
    HomeDigital Platforms & APIs5% of application-to-person SMSs were fraudulent in 2023

    5% of application-to-person SMSs were fraudulent in 2023

    -

    20 billion false messages were sent last year, costing brands about €1.1bn according to an investigation by Enea and Mobilesquared

    A report co-authored by Enea and Mobilesquared found that artificial inflation of traffic (AIT) is pervasive in the messaging ecosystem. Between 19.8 billion and 35.7 billion fraudulent messages were sent in 2023.

    The study stresses the substantial financial toll of AIT, with brands incurring costs of $1.16 billion (€1.16 billion) due to fraudulent messages. It also puts a strain on the messaging ecosystem, accounting for 4.8% of all Application-to-Person (A2P) SMS traffic.

    Fraudulent A2P traffic created is by mechanisms such as bots and counterfeit messaging. It leads to financial losses for many in the message ecosystem and undermines the integrity of brands’ communication with customers.

    Undermining trust and integrity

    This type of fraud is prompting brands to shift away from SMS to other communication channels, threatening the viability and profitability of the messaging ecosystem.

    Despite this, there is no consistent or comprehensive definition of AIT nor detailed descriptions of the various fraudulent mechanisms. The report’s authors say this lack is an obstacle to understanding and combating AIT.

    Based on its own threat intelligence combined with industry sources, Enea has identified a taxonomy of six different AIT abuses. The authors identified the following as the ones that have the biggest impact:

    • Counterfeit Fabrication AIT – traffic injected in transit by an aggregator.
    • Amplification bot Generation of AIT – traffic created by triggering one-time-passwords and other message-generating triggers at brand websites and services.
    • Masquerade Parasite Generation of AIT – traffic injected through accounts created at a Communications Platform-as-a-Service (CPaaS) provider.

    All six types of AIT and their estimated market impacts are detailed in the report which can be downloaded from here.

    Set the industry back years

    “Understanding the profound impact of AIT on A2P messaging is essential for safeguarding the integrity of our A2P communication ecosystems,” said Simeon Coney, VP of Business Development at Enea. “It’s imperative that all stakeholders in the messaging ecosystem – from mobile operators to CPaaS and aggregators – collaborate closely to measure the impact of these AIT frauds, develop and deploy robust solutions that can effectively identify sources and mitigate AIT threats.”

    Nick Lane, Chief Messaging Officer at Mobilesquared noted, “The pandemic accelerated brand adoption of SMS, but the rise of AIT, and the abuse of brand-spend relating to authentication and one-time passwords in particular, will set the A2P SMS industry back years, if indeed it will ever recover from the turbulence it has experienced over the last 12 months.

    “This should not be the case as brands continually tell us that SMS remains the best channel. As an industry, we just need to find improved and enhanced methods of protecting it.”