A huge rise in text message spam has left UK mobile customers more at risk than ever from fraud, data exclusive to the Huffington Post has shown.
In all 95m spam text messages are processed per day in Europe and America - 45m in Europe alone - of which 92% is related to fraud.
And according to the report by messaging security firm Cloudmark about a third of those messages (33.2%) are sophisticated attempts by fraudsters to gain personal data to sell for profit.
Known as 'smishing' - a term which is a combination of SMS and 'phishing' - the messages are part of a recent trend towards more complicated and misleading spam which is harder for customers to detect.
Many of the messages appear to be offering mobile banking services, or PPI compensation.
At least 15m of the more aggressive forms of SMS spam are received every day in Europe, Cloudmark said.
Overall the rate of SMS spam has increased more than 300% in a year.
In the UK the top four types of spam messages are:
- Accident compensation spam (34.53%)
- PPI Compensation spam (31.74%)
- Instant Loan Spam (21.59%)
- Debt eradication spam (5.32%)
Meanwhile the amount of email spam has declined from highs of 95% of all email in 2000, to 74% in 2010, as spam filters have improved, and spammers have adapted to changes in communications habits.
Mary Landesman, senior security researcher at Cloudmark, told the Huffington Post that 'smishing' was rising for one reason only: profit.
"As mobile adoption outpaces traditional computing adoption, criminals will follow suit," she said.
"Quite simply, criminals, spammers, can scammers are keen to ensure the highest return on their investment - meaning they will follow the users. SMS is particularly attractive because while operating systems between mobile devices may vary, all support SMS messaging. "
Above: A spam SMS received by a Huffington Post staffer.
SMS spamming is low cost, and easy to hide, she said:
"Since there is no legitimate 'brand' the scammers need to protect, they don't need to be concerned with legal compliance or customer reaction to their campaigns."
Landesman said those concerned about smishing should report it, if possible - but should never respond.
"Unfortunately, many believe that these messages are somehow personalized to them (and indeed, scammers can sometimes go to great lengths to make it appear so)," she said.
"But just as in the traditional computing environment, any message can be spoofed to appear to be from a valid sender. It's also important to recognise that most scammers simply brute force… in other words, they aren't sending to "you" specifically, but rather your number happened to be one of the tens of thousands of combinations they tried."