Home
Organisation team
Photo
People(Members of action)
Report on facebook
Report on Twitter
History of Twitter
Leadership of Twitter
Appearance and features of Twitter
Usage of Twitter
Finances of Twitter
Technology of Twitter
Developers of Twitter
Society and Twitter
Television and Twitter
Contact



SMS spoofing


SMS spoofing is a technology which uses the short message service (SMS), available on most mobile phones and personal digital assistants, to set who the message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text. Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person, company, product). This can also send "mysterious" messages that look like they are from legitimate numbers or contacts.

SMS Spoofing occurs when a sender manipulates address information. Often it is done in order to impersonate a user that has roamed onto a foreign network and is submitting messages to the home network. Frequently, these messages are addressed to destinations outside the home network Š with the home SMSC essentially being ˝hijacked˛ to send messages into other networks. In advanced cases they can even hijack existing contacts in a phone.

An SMS Spoofing attack is often first detected by an increase in the number of SMS errors encountered during a bill-run. These errors are caused by the spoofed subscriber identities. Operators can respond by blocking different source addresses in their Gateway-MSCs, but fraudsters can change addresses easily to by-pass these measures. If fraudsters move to using source addresses at a major interconnect partner, it may become unfeasible to block these addresses, due to the potential impact on normal interconnect services.

In 2007, The UK premium rate regulator, PhonepayPlus (formerly ICSTIS) concluded a public consultation on anonymous SMS, in which they stated they were not averse to the operation of such services. However, in 2008 PhonePayPlus introduced new regulation covering anonymous SMS, requiring anonymous SMS service providers to send a follow-up message to the recipient stating that a spoofed SMS has been sent to them, and operate a complaints helpline.

If a user can prove that their SMS sessions have been spoofed, they should contact both law enforcement and their cellular provider, who should be able to track where the SMS messages were actually sent from. A user may also modify the phone's settings so that only messages from authorized numbers are allowed. This is not always effective since hackers could be impersonating the user's friends as well.