Dos and dont’s of stopping mobile spam

Following on from my previous post about spam SMS, here are a few things you should and shouldn’t do to deal with it.

If you are suspicious about an SMS, don’t open it. However, if you do open it, it isn’t the end of the world. If it is a standard SMS then it cannot make a charge to your phone or provide any information to the spammers. If it is a ‘service’ message then the icon on your phone will look different to other messages – don’t open that type.
Unlike your PC, viruses are almost non-existent and apps will need to be installed first. So, the risk to your phone is less then opening or downloading a file on your computer.

DON’T click on any links in an SMS – it may lead to a charge to your phone or open unwanted mobile site.
DON’T open any SMS with an icon that looks different to the standard one on your phone – it will be a service message (or WAP push) and may download an app or take you to a mobile site.
DON’T delete the message … at least not until you have recorded the details. You can get the message details on most handsets without opening the SMS itself.
DON’T reply to a message, even if it is a STOP message. They may be either trying to verify the number or use the STOP as a method to send further billings. If you are certain the company sending the message is reputable then it is OK to respond to them by SMS.

DO make a note of the date, time and message that was sent. You will need all of this information to make a complaint.
DO make a note of the Sender ID. This is the number that it appears to come from. Sometimes a name is used instead of a number. Again make a note of this.
DO check for the owner of a shortcode number. If you see a 4,5 or 6 digit then it will be attached to a premium rate code. You can check the owner by using the PPP number checker here. If it appears to have come from a long number (looks like a mobile phone number), then you cannot identify the owner. An HLR check will tell you the network and unique ID which will help to trace the owner.
DO report it to your network provider.
DO complain to the owner of the number. Ask them, not only to remove your number but also find out where they got it from. They are required by law to hold evidence of your opt in. Many companies will just ignore your request. If that’s the case, contact PPP and the ICO (details below).
DO complain to PPP (http://www.phonepayplus.org.uk/output/default.aspx) the premium rate regulator for shortcode numbers.
DO complain to the Information Commissioner’s Office (www.ico.gov.uk) if your privacy has be breached.
DO complain to Ofcom, the telecoms regulator – they may tell you to speak to PPP or the ICO depending on the query, but it’s still worth contacting them.

And finally …
DON’T give up! Most mobile service providers will ignore you. PPP and the ICO take for ever to respond, and often say they can’t deal with the matter. Sometimes they may just say that they’ve opted you out, but won’t take any further action. Don’t take no for an answer. Keep emailing or phoning until action is taken against the company.

If you need any further advice or want me to make an HLR check on a number, then drop me a line through this blog.

How to stop mobile spammers

Click here for my tips, Dos and Donts to stop mobile spammers

A couple of days ago, two friends of mine received the same spam SMS. It read:

‘FREE MSG: Our records indicate u maybe entitled to £5000 in compensation for your recent Accident, To claim just reply with CLAIM to this msg, 2 stop txt STOP’

Poor grammar aside, my friends were (unsurprisingly) quite upset by the message, as neither had had an accident, nor had opted in to any kind of marketing on their phone. Although there was no premium rate SMS attached to the messages it looked like a crude attempt at fraud.

I decided that it would be an interesting exercise to see if I could find the spammers/fraudsters.

The first thing was to identify the network that supplied the reply number. The spammers had used a standard long number (like a mobile phone number), which meant that it could not be a premium rate SMS. All PSMS are connected to a 4,5 or 6 digit shortcode.
For those of us in the business, there is a simple way to identify the network using something called an HLR Lookup. This gives the number, a unique ID, the current network (even if the number has been ported) and it’s approximate location.

Checking the number gave me the following information:

Number: 447797800425
IMSI: 234507100200425
MCC: 234
MNC: 50
Operator Name: Jersey
Operator Country: United Kingdom
MSC: 447797706004
MSC Location: null

There are two particularly useful bits of information – the operator and the MSC Location. The mobile operator was Jersey Telecom. The MSC Location was ‘null’. This means that the number was not attached to any mobile phone handset, and therefore would have been used in conjunction with a messaging platform. Messaging Platforms are systems for sending bulk SMS and receiving replies. Typically they are web-based but include a connection to the mobile operator. These are used by companies and individuals for legitimate purposes, such as sending service updates or opted in mobile marketing. I know about these, because that’s what my company does! It would appear that the spammers had access to one of these platforms.

Next thing was to contact Jersey Telecom with all of the HLR and message information. They responded within a few hours (good going for a mobile network) with the following:

‘I have now received confirmation from our client that your request has been
forwarded on to their ‘opt-out’ department in order to have the number
provided removed from any mailing list. ‘

Now this is not what I wanted to hear. The spammers are probably involved with fraud, so I wanted to find the company. I emailed Jersey Telecom back asking for the name of the platform provider. They responded with:

‘I am not in a position whereby I can simply divulge our clients’ information or identity. I also work within certain ‘data protection’ restrictions.’

That really got my back up. The Data Protection Act and PEC Regulations are there to protect individuals, and not to allow companies to hide their identity, especially dishonest companies. In fact, the regulations are the opposite. Companies must make their identity explicitly clear in their communications.
Jersey Telecom received an irate response from me, explaining why they were totally in the wrong. The next day, much to my surprise, I got the following reply:

‘we have conducted an investigation into this incidence & have stopped this provider from sending these messages through our network’

Not only that, but they gave me the name of the platform provider. A company called Mblox.

Result!

To be clear, Mblox are an entirely honest and reputable company. They are not responsible for the spam, but rather have provided their messaging system to the company (or individuals) who then misused it for spam.

I then emailed Mblox asking for the details of the company who sent the messages, so I can pursue the matter further. That was a day ago, and so far I haven’t had a reply from them. But watch this space, as soon as I find out who they are, I will update the blog.

Cheating the App Store: PR firm gets interns to give 5* reviews to it’s clients apps

It had to happen! With such promises of riches from app downloads, it looks like companies are engineering reviews in their favour.
Giving false stars for mobile apps

Mobilecrunch reports that a PR firm representing a number of apps and games companies has been hiring interns to trawl itunes and give their client’s apps five star reviews. How did they find this out? Well the PR company described the process they use in their corporate literature.

Fortunately for app store users, they can see all the reviews submitted by each person, so blatant ‘app fluffing’ can be seen. However, as people get wise to that, it wouldn’t surprise me if they just use more reviewers with fewer entries.

As I suggested a few weeks ago, a combination of Apple’s own submission/acceptance policies and review engineering may see the end of the goldrush for the App Store.

45% of US Employers use online social networking to vet candidates

A recent study has shown that 45% of employers check social networking sites on potential candidates. Scary? Yes. Surprising? No.45% of US Employers use online social networking to vet candidates

Employers have been ‘Googling’ their candidates for many years, and most people are aware of this. The problem is that as social networking has boomed, the information about potential candidates has increased. According to the study, things like references to drug use, or other unfavourable habits has caused them to reject candidates who would have been acceptable otherwise.

So, whilst you’re showing off to your mates on Facebook, that information may damage your future reputation. Of course, there is a benefit to all this social network prying. Anyone with half a brain can use the sites to fluff up their potential employability … lots of references to your great charity work, important books or education can help engineer a highly employable profile.

Is content aggregation the future for mobile?

With the increase in smart phones, will inevitably generate increases in mobile social networking, mobile newsfeeds and mobile email. It’s hard enough to manage all of these on a PC, but on the limited platform of mobile, it will be nearly impossible.

For some, such as the iphone, the solution has been through an excellent user interface. But still, it can be hard to remember if you messaged your friend on Facebook, Twitter or sent them an SMS.

The future, therefore seems to be one of aggregation – bringing the various bits of chat, information and general online noise into one place. Whilst newsfeed aggregation has been in use for sometime on the web, swiftly followed by social network aggregation, it has not really hit the mobile space yet. The Palm Pre is the first to address this in the mobile environment, by aggregating all the conversations with friends, whether they are SMS, email or IM. Orange are the first to address this in the mobile operator space, with a new social networking aggregation app, Orange Social Life.

I suspect that we will see many more aggregation apps for the mobile space in the next few months.

appstore (again): Apple censors iphone dictionary

Apple censors iphone dictionary

Apple censors iphone dictionary

Maybe it’s just the time of year, but another story has popped up about the iphone appstore. Tech Crunch reported that Ninjawords Pocket Dictionary ($2) has been classified as 17+ for the inclusion of words such as ‘tits’ and ‘piss’. Other words, such as ‘fuck’ were censored entirely. The rather patronising attitude of the appstore reviewers has annoyed many in the tech world, especially when censored words are freely available in the Apple OSX dictionary.

It reminds me of the days when AOL banned references to the town of Scunthorpe for being offensive.

Trouble with iphone App Store (again): Google considers going web

Following from my previous post about the problems developers are having with the iphone appstore, it seems that Google may have found a solution for Google Voice: optimise it for the iphone web.

Given Apple’s recent track record, it comes as no surprise that Google Voice was banned form the appstore. The reason for this may be less to do with the iphone itself, and more to do with their relationship with carriers/operators such as AT&T in the US or T-Mobile in the UK. It highlights the problem that with the increase in data services and VOIP in 3G networks, mobile operator’s traditional revenues may just dissappear.

Google are probably not too worried about mobile network operators, and are more interested in seeing their apps in the marketplace. According to a report in the New York Times, their solution is to develop a web-based app optimised for the iphone. This is a good solution and in in keeping with Google’s Web 2.0 principles. It may also be a lesson for other developers thrown out of Apples appstore.