Today the Federal Trade Commission (FTC) announced that they have charged 29 defendants with collectively sending 180 million unwanted text messages.

The text messages advertised “Free” Gift cards or prizes from major retailers such as Best Buy, Walmart and Target.  However, consumers who clicked on the links contained in the text messages were required to provide personal information and to sign up for other “offers” in order to be eligible and then also had to sign up other people for these offers.

Because the consumers who were receiving these text messages had not signed up to receive these messages, many people reported the messages as spam to the 7726 short code which is offered by the major US mobile carriers through the GSMA Spam Reporting Service, powered by Cloudmark.

7726 data highlights that the FTC has chosen to strategically go after the largest source of SMS spam in the US.  Gift Card spam has consistently been the largest category of SMS spam complaints in the US over the course of 2012.  For five months of the year it was over 50% of the volume being reported to 7726 and for 11 of the 12 months it was higher than any other category.  The only month where it dipped was October when there was a spike in bank phishing text messages.  The graph below shows the monthly percentage of spam reports which were gift card messages.

In contrast during February this year, there was a dramatic drop in Gift Card spam that started around Feb 20th.  We can’t know for sure if the drop off was caused by the FTC’s action, but it is a significant drop from being regularly over 50% of the reports, to under 10% of the reports for the last 3 days.  It will be interesting to watch the numbers going forward to see if they stay down, or whether the spammers will find new ways to send the spam or whether new spammers will take the place of the old ones, in order to keep traffic going to these sites.

To view the data another way, here are the main types of spam attacks reported during 2012.  Receive a Gift Card spam was 44% of all the spam reported in 2012:

In contrast in the first few days of March 2013, Receive a Gift Card spam has only been 7% of all the spam reported:

The agility of the FTC in going after the major source of SMS spam is impressive.

Spam that advertises free gift cards isn’t new. Theses posts from 2011 (Spam or Not Spam) and last year (Olympic gift cards with a shot of Starbucks) highlight gift card spam being sent to email recipients.  Because the spammers can get paid by the operators of the gift card websites, their incentive to send spam and get users to the website is high and they will look for the easiest, cheapest and most effective way to advertise and send traffic to their website, whether that’s via email, SMS or social networking.

One tactic we’ve seen the Gift Card spammers using lately is to use links hosted by URL Shortening websites to redirect through the shortener link to the website that will try to collect the users personal information and  sign them up for the various offers in the hopes of gaining the elusive gift card.

However, targeting mobile consumers is much more intrusive and has additional costs when compared to email spam, because people carry their mobile phones with them throughout the day and many people still have to pay a per message cost for every SMS they receive.  Therefore it’s gratifying to see the FTC going after these spammers.

Fighting spam is a collective effort.  The more ways that the cost of sending the spam can be increased, the less likely the spammer is to send that type of spam.  When the URL Shortening websites take action to make it harder for spammers to use their services this also helps decrease the spam.  And when legal action is taken against a spammer, it can often deter both that spammer and the other spammers who see the legal action being taken as they take the cost of the legal action into account.

In order to stay in business, spammers like to cycle through assets quickly, like email addresses and phone numbers. Once we detect an email address or phone number being used for phishing, we block it, then they use another one. However, sometimes spammers like to hold on to some of their assets for a while…a long while.

This SMS phish was recently sent out:

What’s interesting is that this phone number has been used in email phishing since 2007, which is quite a long time in Internet terms: http://www.419scam.org/emails/2007-06/22/01058205.12.htm

But if you keep going back, there are samples from 2006: http://www.419scam.org/emails/2006-07/14/619719.1.htm

…And even 2005!! http://www.419scam.org/emails/2005-10/17/351179.619.htm

To put it in perspective, this same phone number has been in use in the year when Google Maps launched (February 8, 2005), NewsCorp purchased MySpace (July 18, 2005), and a little site you may have heard of called “YouTube” launched (February 15, 2005).

What would make a spammer keep the same number for such a long time? We can only speculate – maybe it’s been quite profitable for him and doesn’t want to give it up, or maybe it’s the combination on his luggage.

What can be taken from this? Spammers are sending the same content to SMS as they are to email. The techniques that we’ve developed for email spam filtering should also be applied to SMS as well. That way, those spammers still hanging on to their pre-YouTube era phone numbers might have to consider getting new luggage.

Mashable did a video spot about the blog post we did earlier this week: Cyber Monday UPS package not delivered email fraud

http://mashable.com/2011/11/28/ups-package-not-delivered-scam/