More than 30K unique SMS spam pitches sent to mobile devices per month: report
On average, 30,000 unique SMS spam pitches were sent per month throughout 2012, according to a new report from Cloudmark.
The 2012 Messaging Threat Report points to the growing sophistication of SMS spammers, with "Receive a Gift Card" and "iPhone/iPad Free Giveaway" as the most prevalent types of SMS spam observed in 2012. There were approximately 359,000 unique SMS spam pitches throughout 2012.
?SMS messages are far more likely to be read and responded to than email spam,? said Andrew Conway, a researcher at Cloudmark, San Francisco. ?For example, SMS message open rates are about 90 percent versus email, which averages an open rate of about 20-25 percent with an average rate of 20-25 percent.
?For spammers, mobile spam provides a higher ROI and looks like a big pile of money waiting for them to help themselves to,? he said.
?Obviously, the increasing spam levels will make SMS a less-trusted source, as email has become. This will make it hard for legitimate marketers.?
Other key findings from the report include that the highest churn rate occurred in December 2012, with more than 53,000 unique pitches.
Smartphone adoption continues to grow and many consumers have a lot of trust for their mobile devices, believing that communications received via their smartphones are from someone they know or have done business with. The growth in adoption has, in turn, driven the use of mobile devices to send and receive SMS text messages.
Spammers are attracted to SMS for many of the same reasons that it is a popular strategy for marketers looking to reach mobile users.
Of adults in the United States, 60 percent claim to have received spam SMS text messages within the last year, per a recent study from Cloudmark. The study also found that 13 percent clicked the link provided and nine percent called the number given in an unsolicited text.
Additionally, 41 percent said they would reply "STOP" to unwanted texts, which could incur hefty charges if the reply is sent to a premium-rate number.
Cloudmark reports that mobile threats are getting more sophisticated and expects the trend to continue in 2013.
The top scam trends for 2013 includes the first Android botnet to be used to send SMS spam. The SpamSoldier Android Botnet, initially seeded via SMS messages, purported to offer free versions of popular mobile games.
The downloaded game files contained both an initial loader program and a pirated copy of the game. When mobile users ran the game, the loader program sent SMS spam, deleted itself and installed the pirated game.
During the period when the spam was first detected in November to when it was taken down in December, it is estimated that the spammer sent between five and 10 million SMS messages, resulting in several thousand mobile devices being infected with the malware.
Other threats include blended messaging that uses a combination of email, SMS messaging, instant messaging conversations and mining of social network relationships to send spam.
The most popular method of SMS spam, per the report, is offering free items, with ?Receive a gift card? and offering a ?trial of an iPad or iPhone? totaling more than 50 percent of the volume of SMS spam.
?Spammers are getting more sophisticated in their attacks and are using advanced techniques like data mining on social networks, Android botnets and SMS response bots,? Mr. Conway said.
?Spammers are also constantly revising their messages in order to ensure higher open rates,? he said. ?For example, last year, spammers employed an average of 30,000 unique pitches per month.
?The most popular attacks in 2012 were fake gift cards and iPad free giveaways. These types of offers often require mobile users to offer privacy-compromising information via survey and multiple click-throughs to various sites to qualify for the free gift."
Sending the right message
To address SMS spam, Cloudmark recommends that users forward spam texts to their carrier via ?7726,? spelling out SPAM on the keypad.
Additionally, users should not text ?STOP,? as this will only confirm that the number is live and encourage the spammer to continue to target that phone.
Users should also only download mobile applications from reputable app stores and read the terms of service closely; never respond to an SMS requesting login details or other personal details and speak to their mobile operator to see if they can set up content filters.
?Since SMS messages are highly invasive - your phone is making noises to tell you they are there - legitimate marketers should be absolutely sure that the messages they are sending are ones their customer really wants to receive and not just ones that they want their customer to receive,? Mr. Conway said.
Chantal Tode is associate editor on Mobile Marketer, New York