Cloudmark’s CTO, Neil Cook, on SMS spam loopholes

Consultant Mark Hole was seriously annoyed to discover his Orange number had been signed-up for a Buongiorno premium rate service. He did some digging and discovered a loophole in the Buongiorno system that allows anybody to sign-up any Orange users to the premium rate service. The full details are over on this BBC News story. It’s pretty poor.

It’s yet another example of the premium rate spam malaise that the industry is still suffering from.

Cloudmark know a thing or two about malicious activities on mobile networks — indeed it’s their key area of focus. I received this note from the company’s CTO, Neil Cook, discussing the Buongiorno issue and highlighting the wider challenges for the market:

“I’m sure that most mobile users are aware that, by not actively opting out of the ‘more information’ box, they’re likely to receive the occasional marketing SMS message now and then.

“However, the line between relevant marketing messages and those that can be perceived as unsolicited texts, or mobile spam, can become blurred. Indeed, according to a survey carried out by the DMA, 58 per cent of mobile users said they’d received a spam SMS in August 2011, with almost a quarter (22%) including opt-in marketing messages in this. The distinction is further blurred when operators or their partners fail to check where sign up requests are being made from, as was the case with this reported loophole and, by not doing so, allow malicious third-parties to take advantage of the billing relationship between the operator and their subscriber.

“The future of mobile marketing could be jeopardised by a growing sense of distrust in the end-user who might not only be put off by the volume and content of the messages they receive, but could also be subject to charges that they had never signed up for in the first place. If consumers refuse to engage, brands could stand to lose a useful, immediately responsive marketing channel. And operators could miss out on the opportunity to build new revenue models as global marketers explore new marketing channels which place them straight in the palms of consumers.

“For the benefit of both brands and consumers, we would encourage operators to monitor legitimate content providers more closely, and urge users to report unsolicited texts to the ICO, PhonePayPlus, and their network operator using the 7726 shortcode.”

You make a good series of points Neil. I wonder if the damage is already done?

By the way, if you’d like a nice overview of what Cloudmark does — along with some rather shocking information about the growth of Android spam — I recommend you watch this video interview I produced a few months ago with Cloudmark’s VP, Alan Ranger.

By Ewan

Ewan is Founder and Editor of Mobile Industry Review. He writes about a wide variety of industry issues and is usually active on Twitter most days. You can read more about him or reach him with these details.

2 replies on “Cloudmark’s CTO, Neil Cook, on SMS spam loopholes”

Never a truer said.

The problem is that these PPI claims and debt spam companies are using SMS as a tool to gain new clients. These companies can send thousands of text messages for next to nothing in costs, so the more messages they send, the more chance they have in getting responses from unsuspecting suckers, I mean customers.

It would be a shame to lose legitimate SMS marketing in the UK, but such as everything where people can message people for no or little cost (just look at the state email is in with spammers), SMS will continue to be abused by “grey” area companies that want a quick sell.

Oh yes, and one last thing. Whose bright idea was it so that you can be charged for an incoming SMS message? These premium SMS companies are a nightmare and if you’re not careful, you could be tricked into receiving text messages that cost you a fortune! I would love to sit down at a table and speak with whoever made that decision. The first question I would ask them is how many premium SMS companies they own or have shares in 😉

Rant over…

I remember back in the good old days you were unable to send a premium SMS to a user unless they had first sent an incoming SMS (asking for the facility). But of course that doesn’t work for weekly/daily style billing facilities.

It could all be fixed easily.

It could have been a huge, huge billing medium and mechanism too. For a little while it looked like premium SMS would ‘merge’ or morph into ‘payforit’ style services. Until Apple came along and blew it all away.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.