SMS Blaster Data Study Reveals Lost Messaging Revenues

By Jacob Howell, Director of Corporate Strategy at LATRO

In the rapidly evolving landscape of telecommunications, the security and integrity of business and network operations have become paramount. As telecom networks expand their services and infrastructure, they simultaneously become targets for illicit fraud and hacking activities, notably through the deployment of IMSI (International Mobile Subscriber Identity) Catchers. These devices, often colloquially known as “Fake Base Stations” or “SMS Blasters,” masquerade as legitimate cell towers, allowing for unauthorized manipulation of mobile devices and tracking of users’ locations. IMSI catchers can be used legitimately for lawful intercepts, or illegitimately by fraudsters. While it is impossible to distinguish who is using the device, one fact is clear: IMSI Catchers and SMS Blasters not only pose significant privacy and security concerns but also a substantial risk to valuable messaging revenue, affecting business and network operations as well as subscribers.

SMS Blaster Scheme

SMS blasters also pose significant smishing risks by intercepting and sending deceptive messages to unsuspecting users. These devices can impersonate legitimate sources, tricking recipients into revealing personal information, such as passwords or financial details.

SMS Blasters in Nutshell

  • SMS Blaster simulates a cell tower.
  • Nearby mobile devices tricked into connecting to it. Mobile Network Operators are unable to prevent it.
  • Unbilled and unauthorized SMS Messages delivered to devices.
  • Devices are released back to the home cell tower.

SMS Blaster Risks

  • Bulk SMS messages terminated without charge.
  • Victims click and unknowingly:
    • Download Malware used for Account Hacking.
    • Enter Smishing Website.
    • Compromise Personal Information for use in Identity Theft.

Operator & Subscriber Challenges

  • As a standalone network, SMS blasters Shot Messages bypass Operators’ Billing and Content Controls.
  • Signaling and SMS Firewalls are Ineffective.
  • SMS Content Filtering is Ineffective.
  • SMS Blasters Operate without detection within the Host Network Coverage Area.
  • SMS messaging revenue loss.

Our Research

To better understand the growing concern over SMS Blasters, LATRO recently conducted a study to identify the presence of rogue SMS Blasters within a network operator by analyzing signaling data. LATRO developed a method to detect anomalies which indicate the presence of these unauthorized devices. The approach is based on the idea that SMS Blasters create noticeable anomalies in signaling data, deviating from the usual patterns observed under normal network conditions.

The significance of this research goes beyond its immediate technical contributions. By creating a dependable and non-invasive way to detect SMS Blasters, we empower operators to protect their Bulk messaging revenue, improve their network security measures, guard user privacy, and preserve the integrity of their telecom services. This effort not only supports the global telecommunications industry’s initiative for enhanced security and robust infrastructure, but also adds to the wider conversation on privacy and surveillance in our digital era.

SMS Blaster Heatmap

Our Findings

Our analysis involved examining the use of signaling layer transactions within an operator’s 2G and 3G networks. Examining events within network signaling which are not contained in mediated billing records showed clear evidence of mobile devices attacked by fake base stations. Investigating the location and times of day associated with the reconnection of these subscribers to their home network were tell-tale signs of SMS Blaster activity.

At an average cost of just $0.15 USD per international message and as SMS Blaster devices can deliver 20,000 to 50,000 SMS per hour, an operator could be losing up to $7,500 per hour per device! This shows just how quickly operators can lose messaging revenues to SMS Blasters operating within their footprint.

Anomalous Activities per Hour per Time of Day

LATRO’s Solution to SMS Blasters

LATRO’s Bypass Shield solution is capable of both detecting and locating SMS Blasters operating within the mobile network operator’s coverage area. Our solution analyzes signaling messages and detects if, and where, subscriber’s and their mobile devices have been attacked with an IMSI catcher/ SMS Blaster. Using expert technology, we detect where these rogue apparatuses operate so that mobile network operators, law enforcement, and regulators can quickly take action to precisely geolocate, catch, and to stop them – preventing significant messaging revenue loss and stopping security risks to subscribers.

Download the FREE SMS Blaster Brochure to discover more.

Don’t Let Fraud Eat Away at Your Profits. Contact LATRO Today!

🔗 LATRO is committed to helping MNOs combat SMS Blaster fraud and protect their bottom line. Contact us today or send email to info@latro.com if you would like to find out if SMS Blasters are operating within your network and their impact to your business.