Dissing the smishing: How do SIM farms put consumers at risk from fraud?

The alarming increase in smishing and fraud is creating serious financial and emotional consequences for consumers, and undermining trust in business SMS.

Have you ever received a text message with a suspicious link?

The answer is probably yes, and the problem is increasing. The last couple of years have seen a huge rise in smishing targeting European consumers – and it only intensified during the COVID-19 pandemic. As SMS fraud reaches record highs, consumers are being put at further risk.

A 2018 survey showed that European consumers lose at least €600 million a year due to smishing and SMS fraud. Since then, these figures have grown significantly. Estimated smishing fraud increased by 667% in the first month of the COVID-19 pandemic. SMS is a more direct and personal approach of reaching individuals than other communications channels like email. The consequences? A more effective way for fraudsters to trick consumers.

Smishing and fraud also undermine the trust of consumers in business SMS, which is essential in enabling businesses and organizations to connect with consumers and transmit critical communications. Trust needs to be protected and smishing needs to end.

Most of these suspicious messages are sent by SIM Farms. By using consumer SIM cards in unauthorized ways, SIM Farms breach mobile operators’ Terms & Conditions and let fraudsters send business SMS far cheaper and wider creating bigger damage and impact.

SIM Farms are often used for malign purposes such as spam and scams and facilitate data theft, as SIM farms harvest customers’ phone numbers and other sensitive personal information for future malign use. In short: this is a very serious threat to consumers all around the world.

As we head into World Consumers Rights Day on March 15th, Sinch is raising awareness around smishing and the harm it causes.

We call on policymakers and the industry to work with us in #DissingTheSmishing and to combat the SIM farm threat to consumers worldwide.

At Sinch, consumer protection is at the heart of everything that we do. We have the tools at our disposal to report, track, and eliminate smishing, but it will take all actors and representatives in the value chain, from businesses to mobile operators to regulators to act and deliver better protection.

We all need to work closer together to promote initiatives such as the Mobile Ecosystem Forum’s Business SMS code of conduct. In addition, the adoption of technical solutions such as sender ID registries and national spam reporting services need to be encouraged in more countries to help detect, block, and prevent fraud. Mobile operators are already taking important measures to tackle and help prevent SIM farms, through the introduction of SMS firewalls. We encourage those efforts to continue and to expand so that we can ensure the protection of subscribers in Europe and across the globe.

We also call on policymakers and regulators to raise awareness and ensure better enforcement of existing European consumer and data protection legislation, to protect each and every single one of us.

Without strong protection of consumers, the business messaging sector’s continued growth, which benefits both businesses and consumers, is at threat. We’re keen to work together with businesses, mobile operators, policymakers, and consumer organizations to better protect consumers. If you would like to find out more, please get in touch!

Robert Gerstmann is Chief Evangelist and co-founder at Sinch AB.

About Sinch

Sinch’s leading cloud communications platform lets businesses reach everyone on the planet, in seconds or less, through mobile messaging, email, voice and video. More than 150,000 businesses, including many of the world’s largest companies and mobile operators, use Sinch’s advanced technology platform to engage with their customers. Sinch has been profitable and fast-growing since its foundation in 2008. It is headquartered in Stockholm, Sweden, and has local presence in more than 50 countries. Shares are traded at NASDAQ Stockholm: XSTO:SINCH. Visit us at sinch.com.