Twitter is defrauded of up to 60 million dollars per year via SMS

Elon Musk claims that A2P SMS fraud on Twitter could cost $60 million during Twitter Spaces.

When it comes to the messaging ecosystem, we know the threat landscape is constantly changing as attackers change their methods to circumvent new regulations and other developments, but significant threats to reputation and capability remain constant. earn brand businesses.

The figures shared by Twitter and Elon Musk are just the latest in a series of warnings. In an interview, Musk said Twitter was “scammed out of $60 million a year via text messages,” implying that no company of any size or influence is immune to fraud. via A2P SMS. It’s endemic and it’s time the industry took action to eradicate it once and for all. The alleged $60 million hit on Twitter accounted for nearly a third (27%) of the company’s reported losses in 2021. Enea’s analysis indicates that the problem is widespread, so any idea that fraud in A2P SMS is a small concern now must be addressed.

A recording of Musk’s December 20 Twitter Spaces conversation can be read below, it starts at 43mn. He explained that there are telecom operators (about 390) that are not very honest, in some parts of the world, such as, with two-factor SMS authentication, and account creation (by bots) to literally run the tab to get Twitter. text them, and Twitter will pay them millions of dollars, without even asking. Cutting off an entire telco obviously has an impact on legitimate Twitter users and curbs bogus traffic. Musk has offered to make deals with telecom carriers that were apparently involved in the fraud.

Recently, there has been an increase in a type of fraud known as artificial traffic inflation (AIT), which is perhaps one of the most dominant enablers of this type of SMS scam. AIT is performed on revenue share numbers, short codes and premium rate numbers with a cost to the end user, where the information provider maximizes traffic for financial gain. This increased traffic often takes the form of spam, designed to trick people into calling a specific number to take advantage of loopholes in billing systems.

In addition to bots that generate traffic from the Twitter service itself, this particular type of fraud can also be perpetrated within the ecosystem of actors that deliver and deliver traffic from services such as Twitter to end users. worldwide, covering mobile operators and aggregators. In other words, whenever there are multiple “hops” in connectivity, there is a risk that one of those hops will cause this type of traffic inflation. Other practices, such as “gray routing” of traffic, where unauthorized traffic enters a telecommunications network unknown to the carrier, are also a growing concern. These “leaps” are essential to ensure global connectivity in a world where digital communication has become a way of life. Therefore, it is increasingly important for operators to detect, measure and control these risks in real time. Left unchecked, this type of fraud will continue to jeopardize legitimate A2P traffic and revenue and may end up compromising the SMS channel beyond its economic value.

There are commercial traffic management solutions like Enea’s that use a wide range of use cases to identify and control the patterns typical of this type of fraud. They have full visibility into over 50 billion daily threats and monitor traffic from over 2.2 billion end users, giving many of the largest communications providers and aggregators unparalleled insights for management. and A2P traffic management.

Leave a Reply

Your email address will not be published. Required fields are marked *