“Cases of fraud are on the rise. Operators, institutions and companies must assume their responsibilities and protect the users of their services. Currently, one of the most popular methods of SMS fraud is a fake SMS message with a fake sender and a request to open a link in the SMS message and connect to the website specified in the link. As a result, we have identified possible ways to solve these problematic issues,” said Darius Kuliešius, Vice President of the RRT.
According to him, first of all, the RRT aims to oblige operators to transmit only short named messages that correspond to the identifying characteristics specified by the senders.
“By applying sender identification measures, operators will significantly reduce opportunities for fraudsters to impersonate Lithuanian public institutions, banks, postal couriers and other popular service providers who often send information to users via text message,” the RRT board member explained.
In addition, upon receipt of information on cases of fraud or other security incidents related to the sending of named short messages, operators will be required to immediately stop the transmission of these short messages.
In 2020, RRT had already appealed to mobile operators with a request for cooperation and thus prevent cases of fraud. In addition, the Rules for Allocation and Use of Telephone Termination Numbers provide that communications service providers who have provided telephone termination numbers issued by RRT to others are responsible for the use of the Telephone connection provided. Unfortunately, the current situation shows that these measures have not been enough.
After the entry into force of the new solutions proposed by RRT, operators would have the obligation to block telephone numbers when calls are received from foreign operators with Lithuanian fixed numbers, as well as when calls are received from numbers not allocated or when calls are concerning the roaming service, although the user of the number has not left the territory of Lithuania.
“Blocking SMS with incorrect ID is the first line of defense for consumers. If the fraudsters are successful in sending the message, the second line of defense would be to block the malicious link in the content of the SMS. Internet Service Providers are required to block access to harmful Internet resources, the register of which is established by the National Center for Cybersecurity. In this way, a user who even temporarily loses caution would be protected and could not access a fraudulent website”, said D. Kuliešius, emphasizing that the RRT will continue to actively educate users without the planned measures.
Source: The Delfi