Slashdot Mirror
Spammers Start Abusing Cell Phones
slimyrubber writes "Just when you thought that spam couldnt get any worst, Cell phones are becoming the latest target of electronic junk mail, with a growing number of marketers using text messages to target subscribers. Is cell-phone spam likely to evolve into something that big, something approaching the scale of e-mail spam? Not if you help to kill SMS spam where it starts. Hopefully."
I seem to recall that in the US, telemarketing to cellular phones was illegal, as the receiver often pays for it directly.
Wouldn't sms spam fall into the same category?
This isn't new at all. I remember clearly getting phone spam back in 2001, and it wasn't for things I'd subscribed to via text messaging (I rarely used the phone, and certainly not for any of these fucking "TXT 4 KEWL LOGOS" services).
And just when you thought butchering the English language couldn't get any worst...
I think that we will quickly see law suits being filed over this, similar to the one we saw to fax.com. Many cellular companies charge for receiving text messages, and it would be a violation of FCC regulations to initiate such ads when the recipiant is being charged for them. (Also it is illegal for a telemarketer to call a cell phone, because of the charge ensued from having to use minutes).
30% Troll, 50% Underrated, 10% Interesting
Score:5, Troll
First Email, Then Phones.. Will next be my fridge?
Is that
(1) It is not easy to filter out, given the majority of people here now only uses phone that cannot be programmed easily (at least, not as easy as using the OE plugins or the MacosX Mail.app)
(2) Usually they are more intrusive - nowadays people carry cell phones around and when you are bugged by SMS spam TOGETHER with important SMS.. it's friggin' bad...
(3) They know where you read it... the positioning system of the GPS/w-cdma networks allow them to track your place...
now what? right - do it with legislation.
I was there last year, and the day after I got my cell phone, before I had even given the number out to anyone, I managed to get SMS spam. Porn spam to boot. Needless to say I was both impressed and annoyed.
The cell phone structure in Japan though makes it a bit easier to spam(the carrier I had, KDDI uses your cell # to do SMS). Unlike the US where your cell # area code is based on location, in Japan all cell phones have either 090, 080(and 081 I think) so the spammers just used an SMS equivalent of an autodialer I do believe. Though I never got any SMTP spam while I had the phone...
For one thing - SMS are limited to 160 characters, and secondly - SMS cost money to send. Granted - even email costs money, but you could send probably several thousand emails of a few kb each for less than US$1. With SMS you're paying a few cents for each individual SMS of max 160chars. Therefore for SMS spam to become a real phenomenon, you would need way higher returns for the messages you send.
At least the messages are limited to 110 characters on my old Nokia / attwireless setup.
We already went though fax spam, email spam, telemarketers and of course everyone's favorite - junk in your snail mail box.
I think its time that we come up with a more global view of things. A single list similar to the do-not-call list but that will allow you to get blacklisted for every kind of communications. I know many people have reservations like that spammers will use these lists as a source of valid email addresses, but you can get around that by allowing the user to select which one of their contacts they want on there...
Peter.
Companies won't stop cell phone abuse because it means higher dollars for them. Plus it means they can sell services to block the abuse, which is generally a pattern from regular phone companies selling caller-id, call blocking... etc.
Wherever there's money, there's abuse of power.
The dangers of knowledge trigger emotional distress in human beings.
In the UK I've been recieving text message spam for a while, and recently there has been a massive surge in the number of text message "Scams" being sent out.
;)
Generally of the type "You have a new voicemail, call XXX to listen to it", where XXX is a premium rate number.
Highly, highly irritating - now all we need is a baysian text message filter
here in the uk we've been getting spam through our mobiles for a long time now, many years.
there has also been chainmail too.
Fast forward a year or so from now: "Ask Slashdot: Where Do Dummy Cell Phone Numbers Go?"
And this happended just when I thought my wursts couldn't get any more spam...
What is the sound of one hand clapping?
cat
So why can't they implement a similar function for SMS? If the number's not in my phone book, I don't want to hear a tone, and I don't want the message sitting on my phone - just flush it straight away.
Never mind Spamassassin. When's Spammerassassin coming out?
The only way you'll see cell companies scrambling to prevent SMS spam is if their revenues would be adversely affected by not doing so. If cell companies learn that their subscribers are turning their cellphones off when not in use or are cancelling their SMS service altogether, then they they sit up and take notice. Otherwise SMS spam delivery actually helps their bottom line and they won't be inclined to prevent it.
I've been pestered ocassionally with SMS spam, but I had no idea how and where those foghats got my number from. Then recently, maybe two days ago, I discovered a site that could do reverse lookup on numbers in my country, It found me from my number, in a goddamn public list, I checked a few more similiar sites and about half of them knew about me. It appears that my WSP sold the numbers of anyone they had connected with a name, out there on the internet they're defenseless against them evil info harvesters. Sellouts... Death to Vodafone!
I predict this will never catch on. At least not in Europe. Here the sender pays for sent text-messages, which makes the spammer pay big money if he is to spread the word. In adidtion, it is very easy to trace messages wntering the phone-network, and thus it is very easy to catch the offenders.
Each of the major cell phone providers have an e-mail to SMS gateway relaying all messages to [10-digit-number]@[provider's domain] to the appropriate cell phone of it exists on their network.
.001ish% response rate to justify their operations... so any tool this strong is dangerous in the hands of "guess and check" operations.
Not only does that mean that there's only 10 billion possible combinations that can go in that 10-digit-number slot, since all those numbers come in the form [area code]-[exchange]-[4 digits] they can start focusing on the exchanges that have been allocated to wireless providers to get a very high success rate. If you know that 508-335-xxxx belongs to Cingular, you can take a pretty good shot at aiming 10,000 messages at all the combinations of that number on Cingular's SMS domain, and a majority of them will most likely hit devices.
Of course, number portablity now introduces the possiblity that a number is now no longer with the original provider who owned the exchange allocation, but that'd be only a dent in a pretty high success rate to begin with. Remember that spammers need only a
I remember the old Prodigy service had the limited domain of addresses in the form of [four letters][two digits][letter from a-f]@prodigy.com and spammers had a field day of being able to discover such addresses from them being posted on the service and just deducing others.
Virtually all of the spam SMS-messages I get are from phone companies themselves.
My own 'provider' (Vodaphone) broadcasts the occasional multimedia message so I can see how unspeakably wonderful they are, but that is a relatively minor irritant.
Whenever I leave the country - Germany - the local providers all send me messages in German welcoming me to their networks and suggesting ways I can enhance my experience there by dialing certain numbers. You get one of these messages each week (Sunday to Saturday) so a weekend somewhere will generate one message when I get there and another one on Sunday for each network my phone happens to roam into. This is annoying enough when I am not at the wheel, but goes way beyond that when I am driving and expecting a serious message. No, I do not want to pull over and check my mobile every time some cretinous phone company wants me to check out their 'recipe of the week'.
Anything that allows me to whack them with a big stick is welcome by me.
Mielipiteet omiani - Opinions personal, facts suspect.
First the confusion: The article was written in November of 2003, 9 months ago. SMS has been available for at least 8 years (perhaps not under that name) so why does the article talk about "early adopters"?
Second, the shocked part:
I recently started receiving SMS spam on my Nextel phone. I've has SMS and standard email on the phone for at least 5 years and just recently started receiving junk messages on it. At least once a day I'd get some garbled text telling me to call some number in Seattle, WA to purchase a college degree.
The thing that shocked me was that Nextel does not indicate the source of the message on the phone that received it, You just get the text and the date/time stamp it was received.
I called customer service and technical support, both informed me that Nextel there is no way to track the source of such a message (this is blatantly false, they just don't bother to track it), and that there was no way to block such messages by sender. If I didn't want the messages I'd just have to turn off the service all together.
That simply isn't an option as SMS is one of the ways I monitor my systems; ie: all root logins from anyplace other than approved machines get sent to my phone; important client messages get through on SMS when I have my ringer off at night, etc.
In the end all they did was refund my monthly messaging fee.
I finally gave up, called the number that was listed in the messages and threatened criminal and/or civil action if I received any more messages on my cell phone from them.
I haven't received any more junk in the week since that call. In the end I guess I'm out the nickel it cost to call long distance for a minute.
I just can't understand how a company can charge you for incoming messages when they have no way for you to filter them or even know the source of the message. How could they not see anonymous on-way communication as a potential (likely) source of abuse?
Article X: The powers not delegated... by the Constitution...are reserved...to the people
I'd like a phone that allows SMS only from people in my contacts...
I have received SMS spam, but unlike email, it costs the sender money, thereby limiting the scale of the abuse.
The scam that has been turned up recently over here in the UK has been targetting schoolchildren. You get an SMS saying that someone fancies you, or something like that. You reply, and get hit for a 1.50 ($3) charge. However, the regulations were recently changed to prevent this kind of thing - IIRC, you're not allowed to send an SMS that doesn't explicitly state if the reply is going to cost more than normal.
I am getting spam to my mobile phone for, say 3 years. Now it is ok because my phone was stolen, so I have new a fresh number. I live in EU, Czechia. Enjoy, whoever is using that spammy number now!
SHE does throw dice.
A lot of people are paying for SMS service. Paying. Some people pay for email as well, but not by the message, and the postal mail is in our taxes... but again we don't pay for each delivered message.
But with many SMS providers do they not have a certain fee for a certain number of messages? In effect these spam messages would then be eating in to the allotted # of SMS use you paid for. I don't like that.
I don't know the laws, and I don't care to really because if they don't protect you from this (just referring to the US right now), then I don't want to hear about the laws.
Thank god i haven't received any spam shit yet.
Presently here, but not there.
Spam is in the eye of the beholder. Some people welcome discount offers from Amazon.com in their e-mail, others consider that to be Spam. Your right to have the messages you don't want blocked ends where it starts to interfere with somebody getting messages that they actually want.
Opt-in consent is the best system we have... if you really want to opt-out you should have the blocks set up on the systems you control because clearly an opt-out-by-law system is never going to function.
Because a handful of people with a lot of money like the fact that it exists.
Member of Orkut? Annoyed with spam?
In order to text message me on my cell phone, you must include my nickname enclosed in brackets -- ie: (AnimeFreak). That way spammers have a harder time spamming me.
My GSM/GPRS provider included it in their service, so I made use of it.
Yup, after about 1.5 years of no spam, suddenly, I started to receive SMS messages in spanish! I called Verizon and told them that since they were just a dozen or so junk messages, I was igonring them, but that they should remove the 10cent per message charge from my bill.
The Verizon droid told me that she would 'enhance' my service to a $2.99 per month charge where I would be able to receive 'unlimited' SMS messages!
To make a long story short, I got those charges removed but decided to remove the SMS option from the cellphone because there is no winning when the cellphone company colludes with the spammers.
You can just turn off the ringer for SMS I guess, but on my phone at least, you can't disable it completely (that I know).
The big problem with just turning off SMS is that most people use SMS (Or at least, us teenagers do), and there is no reason for the option.
I doubt spamming on cell phones is every gonna become a big problam like regular spam. For the simple reason that with most cell phone providers, it costs money to receive an SMS or MMS message. SPAM is still around cause in the end, the only cost to the receiver is time and just a painful experience. Paying to receive spam is so outrageous that carriers will take the necessary steps to put an end to it, at the risk of loosing their customers.
im glad that at&t wireless dosent charge for incoming just outgoing
...first of all, it adds an extra word that has to be put in the already limited SMS message (160 chars).
/.)/
Secondly, does the average teen using SMS want to remember a password for every single person they send SMS messages to?
Thirdly unless you made it a "proper" "secure" password (which would be a bitch to enter with predictive text) it is vulnerable to a simple dictionary based attack.
Now all we need is a huge list for "why your SMS spam prevention technique will not work" (a la smtp one that's always popping up on
I am NaN
yes, the model of receiver pays has got to be the most retarded thing ever.
it makes so little sense its invention must have been motivated purely by desire for profit, bypassing all consideration of anything else.
I don't live in the States anymore, so it is hard for me to speak from first hand experience as to what its current SMS state is - but in 1999 and 2000 I could send an e-mail to "phonenumber@phoneprovider.gateway.com" and it would see if that user had SMS capabilities on their service and if so would send it out to them.
I used it to send myself automated reminders and data via my computer - I also used it to harass my friends via e-mail.
Do these things still exist? - I forget the servers that were used, but it was something along the lines of "messaging.sprintpcs.com" or something, and then the phone number before the @.
If they do still exist, then it is just a matter of sending out your spam to every number in that range. Since you know fixed area codes of sorts (not entirely valid on cell phones, but there is still the concept that not every number is used), it limits the number space that you would have to move through.
For instance you know that "0000000000@whatever) is not valid, but "617###0045@whatever" is much more likely to be valid, assuming "###" is a proper series used by the provider in question.
(I can't used fixed examples since I am not as familiar with them now as I once was)
Even if they turned off the open side of it (meaning any e-mail sent to that), there is still the web access side - there was a web interface that would let subscribers send data via a web page to any enabled phone number - even on other platforms.
If you do a search, there are Perl modules and such out there to automate this as well.
You can even do it via AIM/iChat.
I have talked about it to some extent on my spam blog in the past - but I don't want to talk too in depth about it and then make it that much easier for someone that may have not had that idea before.
There are some odd things afoot now, in the Villa Straylight.
After reading this thread I see a lot of people saying how annoying SMS spam is beacuse you get charged for them even if you don't want them. To everyone that has such a service I have to say are you out of your mind?
A service, setup such that as long as your cell phone is on and has service, that can bill you at will seems like the biggest wet dream a phone company could have since they forced leased phones! What incentive at all would they have not to sell the lists of their subscribers to anyone and everyone who wanted them?
I'm sorry, SMS may be neat but when I first got the sales pitch about including it in my service I laughed right in that poor salespersons face. I said if they ever come up with a way that I can deny any SMS message based on who the sender is then I might consider it but until then thanks but no thanks. (She then made a valent pitch about the unlimited service but I think she even knew that it was allready a lost cause.)
Vote with your dollars people. Don't use SMS at all until they make it more intelligent. If I can see who is messaging me I can choose to be charged or not. And if someone fools me and I accept one that I really didn't want, well thems the breaks but it was still my option.
Really, I know what I'm doing...Ohhhh, look at the shiny buttons!
... copy off of ICQ. My cell phone has a phone book in it. It's easy to add/remove people from it. Give me the ability to say "only accept messages from people in my phone book" and the cell phone SPAM issue is solved. WTF email doesn't work this way, I'll never know.
"Derp de derp."