AIT is a form of SMS fraud that generates high volumes of fake traffic through mobile applications or websites. The world of A2P messaging is complex, involving various parts, gateways, and protocols designed to ensure users receive intended communications. Navigating this intricate ecosystem isn’t easy and creates opportunities for fraudsters to exploit. One such fraudulent scheme, known as Artificially Inflated Traffic (AIT), has been gaining momentum unnoticed by many enterprises until now.
Here’s how AIT typically works:
- Fraudsters deploy automated bots to generate fake accounts
- The bot triggers a one-time passcode (OTP) SMS to mobile numbers
- The fraudster collaborates with a rogue party to intercept the inflated traffic without delivering messages to the end-user
- Together, they claim revenue and share profits
- They repeat the process to further inflate revenues or manipulate conversion statistics.
Businesses often bear the financial burden of these scams, especially when messages are delivered to long-distance locations where costs are higher
Identifying AIT presents a challenge due to its evasion of common SMS regulations and agreements. Consequently, it bypasses MNO firewalls, as OTPs are not flagged as spam.
However, the impact of AIT extends beyond individual businesses, threatening the entire messaging ecosystem. With rising SMS costs and evolving regulations, brands are exploring alternative authentication methods, potentially diminishing A2P SMS revenue for mobile operators.
What can be done?
Although there’s no one-size-fits-all solution, businesses can adopt several measures to mitigate the risk of fraudulent attacks:
- Deploy robust monitoring systems capable of detecting unusual outgoing message volumes and suspicious behavior
- Keep a close eye on OTP SMS conversion rates, as anomalies may indicate fraudulent activity
- Apply limitations on message request attempts from the same IP address or device
- Consider disabling message delivery to unused destinations and utilize CAPTCHA or similar tools to deter bots
How can Text2reach help you address AIT?
Text2reach is dedicated to upholding transparency and accountability standards. We implement measures to block identified AIT fraud within our network and provide AIT detection as part of our Text2reach SMS service.
Text2reach recommends taking the following steps:
- Request messaging providers to restrict traffic to relevant countries (keep SMS gateway only for countries your clients are)
- Implement filtering mechanisms based on sender ID, content, or number ranges
- Set limits on SMS messaging accounts to mitigate risks.
