The Infocomm Media Development Authority (IMDA) has been collaborating with the Singapore Police Force, governmental organizations, and business partners as part of the multifaceted effort to combat scams. There should be more than one line of defense, and IMDA is developing fresh strategies for safeguarding SMS communication.
A trial SMS Sender ID Registry was introduced in August 2021. However, in March of this year, IMDA accelerated the creation of the Singapore SMS Sender ID Registry (SSIR) in response to the rise in SMS fraud. As a result, SMS that impersonates or use registered SSIR IDs were blocked in advance, reducing the risk of fraud.
Since the SSIR’s creation, more than 120 organizations from the public and private sectors have joined. As a result, compared to the previous three months, a threefold fall in the number of reported SMS scam incidents has occurred.
Even though the SSIR has been effective, it is still a voluntary system because it is only for organizations that agree to register and protect their Sender IDs. However, non-registered Sender IDs, such as those from businesses that opt not to register or IDs that do not belong to any organizations, may still be used to send phony SMS messages to the general public.
In order to increase the fraud protection capabilities similar to the full registration regime, IMDA also intends to make SSIR registration mandatory for organizations using Sender IDs. Only registered Sender IDs will thus be accepted. All other unregistered Sender IDs will automatically be blocked. This further safeguards SMS as a communication medium.
The agency suggests that merchants or organizations who use SMS Sender IDs must register with the SSIR (UEN) using their Unique Identifier, and aggregators that want to process SMS using Sender IDs must join the SSIR and validate merchant or organization registrations using their UENs.
These will make it possible to clearly identify the businesses hiding behind the Sender IDs. It strengthens the assurance that Sender IDs are exclusively used by trustworthy businesses. A transition period commencing in October 2022 is advised before the full SSIR registration requirement takes effect at the end of 2022 since organizations may need time to adjust.
Additionally, the ability to recognize and filter potentially fraudulent signals upstream in the telecom network has been made possible by machine reading technology.
The suggested techniques can initially identify fraudulent links in SMS that take users to phishing websites; carriers can then create systems to identify suspicious scam message patterns and filter them appropriately. IMDA is asking for public input on these suggested measures.
The suggested adjustments are a part of a comprehensive, continuing plan to strengthen security against con artists. The goal of doing this was to reduce the volume of fraudulent calls and text messages that were entering the communication networks.
Similarly, IMDA offers advice to the public on how to cope with phishing SMS and calls. Among them are:
after being made aware, blocking dangerous URLs and fake websites;
Give customers the option to cease receiving international SMS in the future;
SMS aggregators employ spoof IDs to stop communications from upfront con artists;
separating apart and emphasizing international calls;
Block international spoofing numbers on fixed and mobile networks;
allowing clients to opt-out of receiving overseas calls.
The IMDA advised the public to exercise caution. Scammers will, however, keep changing their deceitful techniques and tactics. By itself, additional safeguards for telecom channels are insufficient.
The best defense is an informed public, where each consumer exercises personal caution and helps to increase public awareness by spreading information about how to spot scams to their friends.
