Spammers using Flash SMS

Apparently, spammers are now using Flash SMS to send their messages. This is the first time I have heard of Flash SMS and it is deeply concerning as the message automatically opens and displays on the screen even if the phone is locked. Less savvy users may be easily tricked into thinking that the message comes from an official source.

image

Unfortunately, it seems difficult to disable Flash SMS. The SIM toolkit app is referenced in some instructions online, but the options available in the app is service provider specific. Some providers like mine are more interested in providing Value Added Services like 4D/TOTO results instead of actual important functionality. Until IDA and the Telcos start looking into spam SMS/calls seriously, the problem is just going to get worse and spammers will continue to find new functionality to abuse.

I had previously proposed checking the Home Location Register (HLR) for the last known location and dropping calls/SMSes based on that information. It will require some collaboration between the Telcos but I believe it is a feasible solution. I am sure Telco engineers can come up with similar/better methods to scrub the intentional calls/SMSes ingress line of spoofed calls and SMSes. It appears to be more of apathy and lack of sound technical knowledge plaguing management, allowing the problem to fester.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
Scenario: +65 9123 4567 phone call comes in from an overseas submarine cable.

# Perform the following checks on the HLR
if +65 9123 4567 [valid] is False:
    telco will terminate call since number is not in use
else if +65 9123 4567 [roaming_status] is not_roaming:
    telco will terminate call since phone is in Singapore, but call is coming from overseas
else if +65 9123 4567 [reachable] is absent:
    telco will terminate call since phone is offline, but call is coming from overseas
else:
    route the call to the recipient since phone appears to be overseas

image