MTN is fighting back against the staggering number of cyber attacks and fraudulent subscriptions prevalent on digital platforms.
Following an investigation into fraudulent WASP subscriptions by MyBroadband, the mobile operator provided information regarding the pervasive problems with providing content services through digital platforms.
MTN said click-jacking and malware attacks are commonly-used tools to fraudulently subscribe numbers.
“Given the current paradigm shift in the market to evolve into a digital connected era, all markets have decided to move business from analogue platforms to that of digital platforms that have the ability to capture the market that has been untapped through the world wide web,” MTN South Africa executive for corporate affairs Jacqui O’Sullivan told MyBroadband.
“This has then resulted in many operators taking to the digital platforms and digital marketing initiatives to evolve their business to become acclimatised to these new markets and be seen as evolving with the market trends,” she added.
“These new business strategies come with their own set of challenges posed to businesses and customers, such as cybercrime and Internet fraud.”
MTN aims to achieve a balance between offering customers accessible content and keeping them secure.
“We believe a balance needs to be struck between offering customers ease of access to genuine and value-adding content, while still providing the necessary security protocols – hence the many steps MTN has taken to achieve this,” O’Sullivan said.
O’Sullivan also noted that fraudulent subscriptions to content services were becoming increasingly prevalent in emerging markets.
“In emerging markets, it can be seen that up to 82% of transaction requests can be fraudulent that occur through these cyber channels,” she said.
“This data is based on 12 markets and 18 operators that we have deployed with our fraud prevention solutions. The amount may vary slightly dependent on the media mix and territory.”
MTN said fraud detection and prevention systems process around 16 million fraudulent transactions per day, and have identified 42,000 malicious apps that are blocked globally.
The data also found that there are around 15 million devices infected with fraudulent malware applications.
“The overall ad fraud ecosystem is worth around $16 billion,” O’Sullivan said. This includes impressions fraud, click fraud, transaction fraud, and more.
How it works
MTN stated that fraudulent subscriptions are occurring via attacks that mislead users, as well as attacks initiated by malware installed on the user’s device.
In the first case, these attacks can use tools such as click-jacking, domain spoofing, MSISDN spoofing, ad-stacking, and more to fraudulently sign up users to services without them realising it.
Many of these attacks are similar to conventional phishing attacks, attempting to trick users into navigating to a page or clicking on certain elements by disguising these as something else.
Attacks that use MSISDN spoofing can be subtle and rely on malicious elements that collect your MSISDN without your permission.
In the second case, attacks are conducted by a piece of software running on the user’s device without them realising an attack is taking place.
This software can replicate user behaviour in the background, fraudulently subscribing users to a WASP or other content services.
To prevent these attacks, users should be wary of which applications they choose to install on their device, and should regularly check their content service subscriptions via their mobile provider’s USSD menu.
It is important to note that MTN has four different USSD strings for detecting and managing content service subscriptions – each of which must be checked separately.