September 21, 2007

Putting a Stop to Text Message Spams and Scams

Greetings. I've been watching the degenerating situation with text message (and multimedia message) cell phone abuse for some time.

Recently, the situation seems to be getting worse, and the hodgepodge, largely ineffective approach of the cellular carriers to the problem is no longer tolerable.

Spammers and scammers working their way through ranges of mobile numbers (unlisted or not) are throwing increasing amounts of garbage at cell users, messages that either cost money per item or at the very least eat up service plan message allocations for all but unlimited plans.

Worse, you can be hit by some major charges when crooked operations sign up your cell phone for third-party sex talk, joke-related, or other text services. You know the type -- they advertise in the dead of night with tiny fine print on the screen for a few seconds that describe their outrageous charges. They've filled the niche in the ripoff area of the telecom ecosystem that used to be loaded with 900 number services and the like.

It's bad enough when people fall for those ads and start to see sometimes massive monthly charges -- happily passed along by the cell carriers. But what's worse is that you can get signed up for these "services" without your permission or knowledge.

This morning I received (on my cell phone, whose number I don't release publicly) three text messages with the same timestamp. One invited me to a pay joke service. The next thanked me for signing up. And the third was the first inane joke. Needless to say, I'd never heard of or had anything to do with these idiots before.

AT&T Mobility (formerly Cingular -- a rose by any other name ... ) told me that they could do nothing to block such scams (other than turn off text messaging completely, apparently not all carriers are even willing to do that much).

They suggested that I go ahead and reply with "STOP" as instructed in the text messages themselves to cease the service.

My own inclination from the conventional spam-fighting world was not to respond at all, but I went ahead and got an "unsubcribed" message back. If a service charge shows up later they'll delete it, but they can't proactively prevent this from happening again at any time, and their only suggested solution for continuing text message abuse is changing my phone number. That's an inconvenience customers shouldn't have to deal with, and a lot of good that will do against sequential or random number spamming, right?

Some carriers (but apparently not AT&T) have Web sites where you can apply limited filters and rules for blocking inbound text messages -- especially Internet generated -- or block all Internet-based text messages entirely (though the scam that hit my phone did not appear to have an Internet origin).

But it's all an ad hoc mess, and in the meantime subscribers are continuing to get royally screwed.

One logical way to handle this would be to permit subscribers to specify that they would not accept any text messages (except those generated by the carrier itself, e.g. billing notifications), unless they began with a chosen word (that is, a passcode) at the start of the text message body. This would allow users to provide that code to persons from whom they were willing to receive text messages. Random messaging attempts would be blocked, and algorithms could watch for dictionary attacks and the like.

It's not sufficient to force subscribers to call "customer service" and sit on the phone for ages in the queue, just to try convince a rep to remove erroneous text message charges and associated third-party service fees. Many people won't have the time for this and will eat the charges themselves, to the benefit of the carriers' bottom lines.

If the cellular carriers aren't willing to collectively get their acts together on this issue in a systematic and organized way, it may be necessary to move toward a regulatory approach in order to move the ball forward.

And that's a message to make loud and clear.


Posted by Lauren at September 21, 2007 12:07 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein