The phenomenon of “disappearing airtime” reared its ugly head again recently, with many customers reporting that their airtime was vanishing despite their devices not being used.
After an investigation into a large number of cases reported on MTN’s network, MyBroadband discovered that this was the result of fraudulent subscriptions to WASP services.
These subscriptions were created by malicious bots which used click-jacking and MSISDN spoofing to subscribe MTN customers to content services without their knowledge.
MTN confirmed that these fraudulent WASP subscriptions had become a major issue, with many customers reporting that they had been signed up fraudulently to content services.
The mobile operator told MyBroadband that it was implementing a number of security measures to prevent the occurrence of fraud on its network and reduce the prevalence of fraudulent WASP subscriptions.
A number of these systems have already been implemented on MTN’s network, supposedly protecting users against fraud and fixing the “disappearing airtime” problem.
We put these systems, and other preventions, to the test on the two biggest mobile networks in South Africa – MTN and Vodacom.
We inserted a prepaid Vodacom and MTN SIM into Nokia 5 smartphones and checked on both devices for any existing WASP subscriptions.
Neither reflected any active WASP subscriptions.
We then connected both smartphones and started up the My Data Manager app on each device to monitor any unexpected data usage.
Each SIM was loaded with R30 airtime, and we then began to browse the Internet.
MTN previously told MyBroadband that WASP fraud can occur from malicious bots engaging with banners advertising its content services.
Subsequently, we navigated through advertising banners and menus on the Vodacom Live! and MTN Play platforms to see whether our number would be fraudulently subscribed.
We also clicked on advertising banners on other less-reputable websites, many of which were unsecured and served adverts which aimed to collect user information
We did not subscribe to any services – as this would require us to approve via an opt-in message – or select any option which stated that it would deduct airtime.
We monitored the airtime balances of both devices throughout the test.
At the beginning of the experiment, each SIM had the following airtime balance:
- Vodacom – R30.61
- MTN – R30.00
After three days of clicking across hundreds of advertising banners across both operators’ content service pages and a variety of other sites covering everything from gambling to adult entertainment, we stopped the test.
For the duration of the test, we did not receive any SMS notifications regarding WASP subscriptions, nor did we receive any spam SMSs or direct marketing calls.
At the end of the test, we checked the airtime balances of both devices, and they reflected the following:
- Vodacom – R30.61
- MTN – R30.00
Airtime balances on both SIMs were unaffected, which meant that there was no disappearing airtime issue on our devices.
This may be good news for consumers, as the effects of MTN’s anti-fraud systems preventing click-jacking and MSISDN spoofing attacks could have contributed.
MTN has combated click-jacking attacks by suspending all off-deck marketing campaigns and implementing a number of advanced systems to detect and block fraudulent subscriptions.
The mobile operator implemented these safety measures directly following an investigation by MyBroadband into fraudulent WASP subscriptions.