In addition to telecommunication services, many communication networks support electronic messaging services, for example and without limitation, Short Message Service (SMS), Multimedia Message Service (MMS), voicemail, or email. Typically, elements of the network use indicia of source and destination addresses (for example, directory numbers, IP addresses, e-mail addresses or the like) extracted from the message header to process the message or call. For example, the networks may use source and destination addresses extracted from the message header for routing, billing, caller ID or other purposes.
Increasingly, a problem encountered in the field of messaging is the practice of message ‘spoofing’ (i.e., a sending party prefacing its messages or calls with a falsified source address) so that they appear to originate from a sender other than the true sender, thereby disguising the identity of the true sender. For example, message spoofing may be practiced in the context of “spam” messages to mislead the receiving party as to the source of the message. As another example, spoofing technology can be used by an imposter to gain access to a spoofed party's voicemail account. Message spoofing might also be practiced in an attempt to divert or impede billing for electronic messaging services.
Phishing also may be implemented by spoofing; in this deception an attacker disguises an electronic communication as being from a trusted entity in an attempt to lure recipients into divulging sensitive information such as usernames, passwords and credit card details. Phishing often requests users to enter details that may later be used to access the user's financial or personal information. Attackers can then use data such as login credentials to access an actual account and otherwise use confidential information entered innocently by the unsuspecting user.
SMS spoofing is a relatively new practice which uses the Short Message Service (SMS), available on most mobile phones and personal digital assistants, to set who the message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text. Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person, company or product).
The Global System Mobile industry has identified a number of potential fraud attacks on mobile operators that can be delivered via abuse of SMS messaging services. One sure way of detecting and blocking spoofed messages is to screen incoming mobile-originated messages to verify that the sender is a valid subscriber and that the message is coming from a valid and correct location. This can be implemented by adding an intelligent routing function to the network that can query originating subscriber details from the Home Location Register (HLR) or other type of communication network before the message is submitted for delivery. This kind of intelligent routing function, however, may be beyond the capabilities of legacy messaging infrastructure.
Phone calls may be similarly spoofed, with similar consequences. Caller ID, whether on a cell phone, home phone or VoIP phone, is typically trusted by users, and a fraudster may exploit that trust to the user's disadvantage.
While fraudsters normally use spoofed identities to send messages, there is a risk that these identities may match those of real home subscribers. The risk therefore emerges that genuine subscribers may be billed for roaming messages they did not send. If this situation occurs, the integrity of the home operator's billing process may also be compromised, with potentially huge impact on the brand. This is a major churn risk to service providers.
The disclosed subject matter presents a novel method of determining the authenticity of the source identifier of the sender in a communication network wherein the incoming message intended for a user includes a source identifier indicating the sender of the incoming message, where the source identifier is subject to possible message spoofing so as to appear to originate from a sender other than the true sender. The method includes extracting the source identifier from the incoming message and obtaining a destination identifier from one or more outgoing messages previously sent from the communication device indicated by the extracted source identifier. The method further comprises comparing the destination identifier and a recipient identifier associated with the user to determine if the source identifier is authentic and notifying the user of the determination.
The disclosed subject matter also presents a novel method of authenticating a sender associated with the source identifier of a received SMS message. The method includes extracting the source identifier and providing it to a validation server. The validation server requests information from the communication device indicated by or associated with the source identifier. A response from the communication device includes an identification of the recipient of the SMS message and a time stamp associated with the message; based on this information, the source or sender of the SMS message may be authenticated.
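An added sketch (not part of the original text) of the check described in the two paragraphs above: the validation server asks the device named by the source identifier for its sent-message records and looks for one addressed to the recipient. The in-memory `SENT_LOGS`, the `query_device` helper, the 120-second time-stamp window and the three result labels are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: sent-message records held by each device, keyed by
# the device's own number. Each record is (destination identifier, send time).
SENT_LOGS = {
    "+15550100": [("+15550199", 1_700_000_000)],
    "+15550123": [],  # device reachable, but it has sent nothing
}


@dataclass
class Incoming:
    source: str       # source identifier extracted from the message header
    recipient: str    # recipient identifier associated with the user
    received_at: int  # epoch seconds when the message arrived


def query_device(source_id):
    """Hypothetical stand-in for the validation server's request to the
    device indicated by the source identifier. None means no response."""
    return SENT_LOGS.get(source_id)


def authenticate(msg, max_skew=120):
    """Return 'authentic', 'spoofed' or 'unverifiable' for an incoming message.

    Assumption: a sent record matches when its destination equals the
    recipient and its time stamp is at most max_skew seconds before receipt.
    """
    records = query_device(msg.source)
    if records is None:
        # The claimed sender's device could not be queried, so neither
        # outcome can be asserted; the user is told the check failed.
        return "unverifiable"
    for destination, sent_at in records:
        same_recipient = destination == msg.recipient
        fresh = 0 <= msg.received_at - sent_at <= max_skew
        if same_recipient and fresh:
            return "authentic"
    # The device named in the header never sent this message to this user.
    return "spoofed"


if __name__ == "__main__":
    print(authenticate(Incoming("+15550100", "+15550199", 1_700_000_030)))
    print(authenticate(Incoming("+15550123", "+15550199", 1_700_000_030)))
```

Keeping "unverifiable" distinct from "spoofed" lets the notification to the user separate a failed lookup from a confirmed mismatch.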
The disclosed subject matter overcomes or mitigates deficiencies of the prior art by advantageously providing an additional layer of security without resorting to the prior art methods and their associated disadvantages as described above. These and many other objects and advantages of the present invention will be readily apparent to one skilled in the art to which the invention pertains from a perusal of the claims, the appended drawings, and the following detailed description of the preferred embodiments.
The following detailed description of preferred embodiments refers to the accompanying drawings, which illustrate specific embodiments of the disclosed subject matter. Other embodiments having different structures and operations do not depart from the scope of the present disclosed subject matter.