Spammers using Flash SMS

Apparently spammers are now using Flash SMS to send their messages. This is the first time I have heard of Flash SMS and it is deeply concerning as the message automatically opens and displays on the screen even if the phone is locked. Less savvy users may be easily tricked into thinking that the message comes from an official source.

image

Unfortunately, it seems difficult to disable Flash SMS. The SIM toolkit app is referenced in some instructions online, but the options available in the app is service provider specific. Some providers like mine are more interested in provider Value Added Services like 4D/TOTO results instead of actual important functionality. Until IDA and the Telcos start looking into spam SMS/calls seriously, the problem is just going to get worse and spammers will continue to find new functionality to abuse.

I had previously proposed checking the Home Location Register (HLR) for the last known location and dropping calls/SMSes based on that information. It will require some collaboration between the Telcos but I believe it is a feasible solution and should solve the problem. I am sure Telco engineers can come up with similar/better methods to scrub the intentional calls/SMSes ingress line of spoofed calls and SMSes. It appears to be more of apathy and lack of sound technical knowledge plaguing the management, allowing the problem to fester.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
Scenario: +65 9123 4567 dialling in from overseas

if +65 9123 4567 is currently not in use:
    # confirm to be spoofed since number not in use
    telco will terminate call 
else:
    if +65 9123 4567 last known location in HLR is in Singapore:
        # handphone cannot be located in Singapore and overseas at the same time
        telco will terminate call 
    else:
        # either handphone is located in Singapore but turned off (unlikely in present day) or handphone is overseas and it is a legitimate call
        route the call to the recipient