Internet Security, Rules and Laws

What is SMS Spoofing?

SMS spoofing is a relatively new technology which uses the short message service (SMS), available on most mobile phones and personal digital assistants, to set who the message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text. Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person, company, product).

How SMS Spoofing Works for Cyber Criminals

SMS Spoofing occurs when a fraudster manipulates address information in order to impersonate a user that has roamed onto a foreign network and is submitting messages to the home network. Frequently, these messages are addressed to destinations outside the home network – with the home SMSC essentially being “hijacked” to send messages into other networks.

The impact of this fraud is threefold:

1. The home network can incur termination charges caused by the delivery of these messages to interconnect partners. This is a quantifiable revenue leakage.

2. These messages can be of concern to interconnect partners. Their customers may complain about being spammed, or the content of the messages may be politically sensitive. Interconnect partners may threaten to cut off the home network unless a remedy is implemented. Home subscribers will be unable to send messages into these networks.

3. While fraudsters normally used spoofed-identities to send messages, there is a risk that these identities may match those of real home subscribers. The risk therefore emerges, that genuine subscribers may be billed for roaming messages they did not send. If this situation occurs, the integrity of the home operator’s billing process may be compromised, with potentially huge impact on the brand. This is a major churn risk.

An SMS Spoofing attack is often first detected by an increase in the number of SMS errors encountered during a bill-run. These errors are caused by the spoofed subscriber identities. Operators can respond by blocking different source addresses in their Gateway-MSCs, but fraudsters can change addresses easily to by-pass these measures. If fraudsters move to using source addresses at a major interconnect partner, it may become unfeasible to block these addresses, due to the potential impact on normal interconnect services

Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner.

Some registrars are quick to set things right when these cases are discovered. However, it is well documented that some registrars will admit no fault in accepting the forged credentials and will refuse to correct the record until forced by legal action. In many of these cases, justice is not done and the hijacker retains control of the domain. The victims of such theft often do not have the resources or willingness to invest the effort necessary to regain control of their domain, which may require a lawsuit or a lengthy and time-consuming arbitration process, especially if the hijacker and victim are in different countries. People that have hijacked a domain can do anything with that name, including putting up their own website or redirecting those who visit the address to another site.

What is this Cyber crime?

We read about it in newspapers very often. Let’s look at the dictionary definition of Cybercrime: “It is a criminal activity committed on the internet. This is a broad term that describes everything from electronic cracking to denial of service attacks that cause electronic commerce sites to lose money”.