It’s estimated that annual SMS revenues for operators will reach $64 billion in 2024. However, the rise of SMS fraud and security threats are putting these revenues at substantial risk. These are the top drivers of SMS fraud that operators must be prepared for in 2025.
- Rise of eSIMS
Juniper Research [1] projects that there will be a 208% increase in eSIMs from 2024-2028, which will mostly be spurred on by the rise of IoT. There are a lot of advantages to the growth of eSIMs, including easier remote provisioning of new devices and services, flexibility to switch carriers seamlessly, and greater security features than physical SIM cards. However, according to the Communications Fraud Control Association [2] (CFCA), 52% of survey respondents say that eSIMs will increase the prevalence of telecom fraud. SIM Box fraud, for example, is one area where eSIMs could either reduce or accelerate SMS fraud. On one hand, eSIMs are embedded with further security protections, making it harder for fraudsters to exploit using their traditional methods. However, as eSIM adoption rises, so too will the attack surface for fraudsters to capitalize on. This will provide a rich environment for fraudsters to launch bot-style attacks or SIM Box fraud by targeting potential weaknesses in eSIM implementations.
- Expansion of 5G and IoT
At the end of 2024, it is estimated that there will be 18.8 billion connected IoT devices, which is expected to grow to 40 billion by 2030 [3]. All eyes are on how to capture these IoT revenues the fastest, particularly as annual connectivity revenues are expected to increase from €12.4 billion in 2023 to €21.0 billion by 2028 [4]. However, this opportunity has also brought new levels of fraud and security threats to communications service providers. According to the CFCA survey mentioned earlier, IoT now stands in the top three emerging fraud methods affecting CSPs, following behind subscription fraud and account takeover. Survey respondents revealed that the most common ways that IoT devices are being used to commit fraud are:
- IoT devices used to exploit traffic policies
- IoT devices used to abuse unlimited data services
- IoT devices used to launch DDoS attacks
Launching DDoS attacks is a critical threat that is already knocking on CSPs’ front doors. According to a recent report [5], there was a 400% growth in IoT-targeted cyberattacks between 2022 and 2023, where manufacturing was the most targeted sector for IoT attacks. As SMS is vital for IoT services for waking devices from low-energy mode, delivering configuration updates over-the-air (OTA), and, in some cases, carrying service data, protections must be put in place to ensure that these communications remain secure and are not interfered or tampered.
- Rise of AI and Generative AI
Although there are no definitive statistics on the rate at which AI is being used to commit telecom and SMS fraud, anecdotal evidence from operators and telltale signs indicate that fraudsters are using AI to increase the volume and speed of fraud attacks today. For example, operators have seen that generative AI (GenAI) is being used to create tailored SMSs for smishing attacks. And they can foresee that AI will be used to devise new attacks as well as taking inspiration from previous attack techniques and repackaging them in new ways that make it more difficult for anti-fraud systems to detect and prevent attacks.
However, what may be more concerning than fraudsters’ rising use of AI is the readiness, or unreadiness, of operators to detect and respond to fraud attacks whether they use AI or not. The CFCA survey [6] found that:
- Only 40% of operators have analytics in place to detect robotexting
- As many as 41% of carriers say they do not have real-time threat detection capabilities in place to mitigate against fraud and security attacks.
How Operators Can Protect Themselves from 2025’s SMS Fraud Threats
2025 must be the year that operators prioritize how they protect their SMS revenues and customers from SMS fraud and security threats. Enghouse Networks’ SmartGuard SMS firewall is a single platform that supports millions of transactions. With AI and machine learning capabilities and seamless integration with Enghouse Networks’ SMSC and 3rd party SMSCs, SmartGuard SMS Firewall provides end-to-end protection against SMS fraud and security threats.
What’s more, the SmartGuard SMS firewall protections go beyond standard SMS traffic by providing critical protections for IoT devices. The SmartGuard IoT Device Screening module ensures that SIM-based IoT devices exchange calls and SMS with only authorized contacts. MNOs can provide each IoT business customer with its own platform to register devices with the network, ensuring that SmartGuard will intercept and screen each SMS against an allowed list and that only approved messages are delivered to IoT devices.
Learn More
To learn more about how operators can target SMS Fraud in 2025, download the eBook: ‘The Operator’s Complete Guide to Eliminating SMS Fraud’ or contact us for a demo.
