Click here for my tips, Dos and Donts to stop mobile spammers

A couple of days ago, two friends of mine received the same spam SMS. It read:

‘FREE MSG: Our records indicate u maybe entitled to £5000 in compensation for your recent Accident, To claim just reply with CLAIM to this msg, 2 stop txt STOP’

Poor grammar aside, my friends were (unsurprisingly) quite upset by the message, as neither had had an accident, nor had opted in to any kind of marketing on their phone. Although there was no premium rate SMS attached to the messages it looked like a crude attempt at fraud.

I decided that it would be an interesting exercise to see if I could find the spammers/fraudsters.

The first thing was to identify the network that supplied the reply number. The spammers had used a standard long number (like a mobile phone number), which meant that it could not be a premium rate SMS. All PSMS are connected to a 4,5 or 6 digit shortcode.
For those of us in the business, there is a simple way to identify the network using something called an HLR Lookup. This gives the number, a unique ID, the current network (even if the number has been ported) and it’s approximate location.

Checking the number gave me the following information:

Number: 447797800425
IMSI: 234507100200425
MCC: 234
MNC: 50
Operator Name: Jersey
Operator Country: United Kingdom
MSC: 447797706004
MSC Location: null

There are two particularly useful bits of information – the operator and the MSC Location. The mobile operator was Jersey Telecom. The MSC Location was ‘null’. This means that the number was not attached to any mobile phone handset, and therefore would have been used in conjunction with a messaging platform. Messaging Platforms are systems for sending bulk SMS and receiving replies. Typically they are web-based but include a connection to the mobile operator. These are used by companies and individuals for legitimate purposes, such as sending service updates or opted in mobile marketing. I know about these, because that’s what my company does! It would appear that the spammers had access to one of these platforms.

Next thing was to contact Jersey Telecom with all of the HLR and message information. They responded within a few hours (good going for a mobile network) with the following:

‘I have now received confirmation from our client that your request has been
forwarded on to their ‘opt-out’ department in order to have the number
provided removed from any mailing list. ‘

Now this is not what I wanted to hear. The spammers are probably involved with fraud, so I wanted to find the company. I emailed Jersey Telecom back asking for the name of the platform provider. They responded with:

‘I am not in a position whereby I can simply divulge our clients’ information or identity. I also work within certain ‘data protection’ restrictions.’

That really got my back up. The Data Protection Act and PEC Regulations are there to protect individuals, and not to allow companies to hide their identity, especially dishonest companies. In fact, the regulations are the opposite. Companies must make their identity explicitly clear in their communications.
Jersey Telecom received an irate response from me, explaining why they were totally in the wrong. The next day, much to my surprise, I got the following reply:

‘we have conducted an investigation into this incidence & have stopped this provider from sending these messages through our network’

Not only that, but they gave me the name of the platform provider. A company called Mblox.

Result!

To be clear, Mblox are an entirely honest and reputable company. They are not responsible for the spam, but rather have provided their messaging system to the company (or individuals) who then misused it for spam.

I then emailed Mblox asking for the details of the company who sent the messages, so I can pursue the matter further. That was a day ago, and so far I haven’t had a reply from them. But watch this space, as soon as I find out who they are, I will update the blog.