A2P Monetisation Threats Catalogue: Understanding SMS and Voice Fraud and MNO’s Internal Challenges

6 min read

SMS and voice services have become increasingly important for companies to send out critical updates to their customers, as the convenience of reaching subscribers virtually anywhere is highly valued. This, combined with a rise in authentication traffic, has caused exponential growth in A2P SMS messages and flash calling volumes — providing more monetisation opportunities.

However, opportunities can be missed by the operators, or they can be abused by third parties. Only by understanding the existing threats to operators’ messaging business will MNOs be able to reach their full revenue potential. In this article, we have collected a list of weak spots and scams directly or indirectly compromising proper A2P network monetisation.

Taking a look at MNO’s organisation

The first step towards securing one’s network is ensuring that the internal factors do not disrupt monetisation. Lack of internal visibility, market awareness, and in-house capabilities for protecting the network are the primary factors affecting MNO’s success from within:

  • Lack of internal visibility
    If the operator’s A2P and P2P departments are out of sync, they may have conflicting goals. While A2P teams work to eliminate grey routes by redirecting illegal traffic from P2P channels, P2P units are typically evaluated based on raw SMS traffic volumes. This misalignment can result in P2P teams lacking the incentive to address illegal messaging, as it may negatively affect their evaluation scores.

  • Lack of awareness
    Fraud trends often emerge in geographically isolated areas, meaning that fraud rampant in one region may have been witnessed months or even years earlier in another part of the world. As a result, even operators who are well-versed in their local market can fall victim to new bypass methods. To counter this, operators can partner with organisations that have access to global insights from their clients. 

  • Lack of in-house capabilities for detecting and fighting fraud 
    Many operators do not possess the necessary resources and tools to effectively detect and combat fraudulent activities within their networks. While they may be equipped to push back against certain types of fraud, handling all of them can be challenging. When word spreads that a network is vulnerable to a specific kind of fraud, it can attract more criminals seeking to exploit this weakness. 

Grey routes 

Grey routes allow third parties to circumvent international A2P SMS charges by masking expensive traffic as cheaper ones. This is achieved through various techniques, such as partnering with local aggregators who terminate the traffic at a lower rate than what is typically charged for international messages. To protect against grey routes, MNOs must constantly monitor the traffic and be aware of the traffic profiles of each partner. Whenever a local aggregator sends traffic unusual for a company of that kind, the operator should investigate the content of the SMS being sent. Grey routes include:

  • Contractual Loophole Abuse 
    The most common type of grey routes that many operators might be unaware of. It involves exploiting legacy contractual agreements between operators to terminate traffic for free or at a minimal cost. Some operators may still have old agreements allowing free traffic termination between partner networks. Fraudsters take advantage of these agreements by disguising A2P messages as P2P and abusing the preferential pricing to deliver traffic at little to no cost.

  • Termination through National Aggregators 
    In this scheme, an international partner approaches a local aggregator that already terminates traffic generated by a local service with a registered Sender ID. The parties agree to deliver international A2P traffic at a cheaper national A2P rate using the local service’s Sender ID as a disguise. This leads to a spike in local service message traffic for the operator while the international partner and local aggregator keep the profits.

  • SIM Boxes (a.k.a. SIM Farms) 
    This type of fraud, also known as SIM box fraud, is widespread and involves using hardware containing hundreds of prepaid P2P SIM cards in the operator’s home country. A2P messages are funnelled to this hardware and then sent out from the P2P SIM cards as if they were P2P messages. Fraudsters profit from the difference between the costs enterprises pay to send A2P SMS and the price operators charge to send P2P SMS. Some prepaid SIMs may include free messages in the package, allowing fraudsters to make even more profit.

  • Traffic Blending 
    The process of filtering out non-critical A2P messages and charging for their delivery. It involves a dishonest partner reviewing message content and only delivering essential updates while ignoring promotional messages. Blending not only causes a momentary financial loss but also harms the reputation of MNO businesses and endangers their entire A2P business in the long term.

Subscriber-Oriented SMS Fraud 

SMS spam and other types of fraud compromise the status of SMS as a viable A2P communication channel. As texting is a private mode of communication, subscribers being riddled with spam leads to a negative experience, lowering SMS value as a channel. Additionally, spam can serve as a weapon against MNO networks, overloading them and causing service disruptions. With increasing concerns about data sovereignty, SMS channels must be curated carefully. 

Smishing, another prevalent SMS fraud, is used to acquire sensitive personal and bank account data. Victims are prompted to share their details by clicking links, calling provided phone numbers, or contacting email addresses in fraudulent SMS messages. Advanced mobile malware, like FluBot and TangleBot, utilise smishing to infect Android devices and obtain sensitive information. Successful smishing attempts can have severe financial and personal consequences for subscribers.

Voice Threats

While the voice layer of MNO networks tends to be overlooked in the context of A2P monetisation, it significantly impacts both direct revenue generation and the wellbeing of the operator’s audience. Here we examine the voice techniques used by both legitimate service providers and fraudsters:

  • Flash calls
    Flash calls occur almost instantaneously, with the user not having the opportunity to answer the call before it is disconnected. This makes them appear as an excellent option for authentication purposes since there are no fees associated with such calls. However, this can be detrimental to mobile operators’ A2P revenue streams. Since flash calls are virtually unrecognisable as such and are rarely billed as a result, service providers can offer prices that are far cheaper than A2P SMS rates, thus cutting into MNOs’ profits.

  • Robocalls 
    Many businesses use automated telecommunication systems and pre-recorded audio messages, commonly referred to as robocalls, to keep customers informed of upcoming appointments, deliver booking information or provide One-Time Passwords. Unfortunately, these same robocalls are utilised by nefarious individuals for malicious purposes — such as sending spam and scam calls — which can heavily damage an operator’s reputation.

  • Wangiri 
    The term “Wangiri ” translates to “one ring and cut”. In this scenario, fraudsters call the subscriber with one ring and immediately hang up, hoping the latter will return the call. As a result, the user is routed to an expensive overseas premium rate number, costing them money for the call termination. The short duration of the call makes this technique somewhat similar to flash calling. 

  • Caller ID (CLI) spoofing
    A tactic used by criminals to obtain confidential information or persuade those receiving the call to take actions that would benefit fraudsters. This is accomplished by making the recipient’s telephone network display a caller ID that differs from the actual phone number that initiated the call. Flash call providers can use the CLI spoofing technique to insert the last four digits of the OTP for subscriber authentication.

What’s next?

If left unchecked, SMS- and voice-based threats can have major financial and emotional consequences for subscribers, damage MNO’s reputation and directly hinder their A2P monetisation capabilities. Therefore, operators must protect their networks and customers by introducing up-to-date firewall solutions and designated testing and monitoring routines. Partnering with experienced service providers like GMS means that operators gain access to both tailored, cutting-edge network protection solutions and relevant insights from across the globe. Talk to our experts to learn how to step up your A2P business today!

Add Your Heading Text Here