Spam Spam Spam Spam, Spam Spam Spam Spam, Lovely Spam, Wonderful Spam

This morning I got an unsolicited SMS spam “Home owners ? do u need money? R100,000 @ R752 pm! Reply YES and we?ll phone you”. I know that everybody gets things like this and they just shrug them off, but I have a rabid hatred of spammers.

With e-mail spam, there’s normally nothing you can do. The spammers are on the other side of the world, and they’ve used a botnet. But when I get something from South Africans, I act. We have the ECT act protecting us against spam. It’s not the most effective anti-spam legislation, but it’s better than nothing. I’ll send the IOZ Spam Message to the spammers, their ISP, the domain registrants etc etc. Usually I get a response. Usually they remove me from their lists. (If they don’t, their VP of marketing is going to have me harassing him over the phone in short order.) But of course they rarely mend their ways. Sometimes we end up in long e-mail arguments backwards and forwards, them saying “but I’m justified in spamming, because of foo”, me saying “no bloody way, because of bar” etc. It’s ineffectual and depressing, but at least I’m doing something to deter spammers and keep South Africa relatively clean.

But enough about e-mail. It’s time for some tips on dealing with SMS-spam. The SMS Spamming industry (euphemisms: direct marketing, wireless application service provider) is attempting to regulate itself rather than be regulated by government. They’ve formed WASPA and signed the sms code of practice. WASPA lets you file complaints against its members and fines them (although the fines are rather paltry).

I heard about them via Jeremy Thurgood’s recent spam-scapades. His spammers were charging R1 to opt-out. While the WASPA code of conduct allows a <=R1 fee, I agree with him that this is intolerable extortion.

In my case, my spammers had broken a few WASPA code of conduct rules:

  • 5.1.1.: They didn’t identify themselves in the SMS
  • 5.1.2.: There is no opt-out facility that I know of.
  • 5.1.4.: There is no advertised opt-out procedure.
  • 5.2.1.: I’m very careful about not allowing people to spam me, so I’m pretty sure they failed all the options. I’d like them to prove otherwise.

I looked up the originating number on the SMS Code website. It belongs to Celerity Systems. They are currently under a suspended sentence at WASPA, so my WASPA complaint should force them to fork out a fine. Lets hope for the best.

I’m against capital punishment, but I wouldn’t mind seeing a few spammers being hanged, drawn and quartered :-)

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

sms spam

Dear Stefano

It is with regret that we have to admit our messaging platform was used in this spam incident. The sender has been identified as DirectBonds.co.za. Due to their incriminating response, and subsequent unnavailability, we have suspended their account. We have also notified WASPA of our actions, and the details of our investigation. While more than a month has passed since your initial complaint, we had to give our client sufficient time to respond.

While A2P sms messaging is used in many beneficial ways, such as ADSL usage notifications, it can also be abused. As a Messaging Provider, it is our policy to be only that. We do not and have never provided our clients with numbers, and we do not offer consumer content services. We respect the privacy and freedom of speech of our clients, hence we do not filter or monitor any outgoing messages. We do however act on complaints and investigate each incident in detail, and try to act appropriately. It is a common misconception that Messaging Providers own lists of numbers, and hence are responsible for most spam.

We are confident that sufficient complaints such as yours to WASPA will clean up the industry. WASPs have a responsibility to act if the WASPA code is transgressed. If this is done consistently, spammers will change their ways. Already we see that major instances of spam result in multiple complaints to WASPA. Some businesses have also been blacklisted by WASPA.

While many anti-spam advocates would like to see Messaging Providers being held directly responsible for each spam message, I don’t see this working for several reasons. 1) 99% of the time Messaging Providers act as the conduit, businesses are the actual senders 2) Businesses can bypass WASPs by using GSM modems or international SMS providers 3) If WASPs were forced to monitor outgoing messages (and had consent from the businesses sending), it would still be impossible for a WASP to identify spam by merely looking at the content of a message.

WASPs are held directly responsible when they are the senders of messages themselves (ie. not merely the conduit). This is more prevalent in the consumer mobile content market, hence the bigger fines in this sector.

Spammers don’t need a high degree of reliability when sending SMS messages, while legitimate business senders do. Suspending the Messaging Provider will therefore affect many legitimate businesses using SMS messaging. Since these businesses require reliability, they will stop sending, and since the spammers can migrate to less reliable routes, they will continue. In this scenario, all you will be left with is spam.

In conclusion, we will do our best to promote the beneficial use of sms messaging, and to act where sms is abused. Your complaint has assisted hundreds of users that received a similar message.

Regards Piet Streicher Managing Director www.bulksms.com

Thank you

That was a better response than I expected.

Yes I agree, you cannot be held responsible, the same way M-Web cannot be held responsible for users of their SMTP relays. But as long as there is a way to pass fines onto the people who are responsible, then things are good in my books.

Thank you for looking into this,

SR

Good post & reply

I actually thought that that was a very good reply, and a good blog entry, by the way.

SA law regarding Spam

The ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT of 2002 states that:
1. Any person who sends unsolicited commercial communications to consumers, must provide the consumer:
1. with the option to cancel his or her subscription to the mailing list of that person; and
2. with the identifying particulars of the source from which that person obtained the consumer's personal information, on request of the consumer.
2. No agreement is concluded where a consumer has failed to respond to an unsolicited communication.
3. Any person who fails to comply with or contravenes subsection (1) is guilty of an offence and liable, on conviction, to the penalties prescribed in section 89(1).
4. Any person who sends unsolicited commercial communications to a person who has advised the sender that such communications are unwelcome, is guilty of an offence and liable, on conviction, to the penalties prescribed in section 89(1).

So if you are receiving any unwanted SMS's or Emails from a company they must provide you with a means of unsubscribing from their list. On an email you should find an "unsubscribe" link at the bottom.

In a plain text SMS links are not usually included but there is a sort of undocumented standard for unsubscribing: reply with "STOP" (but they should tell you how to remove yourself) and you should be automatically removed from the mailing list in whichever bulk sms engine they use. If you are not removed you should report the sender. You can report them to WASPA (www.waspa.org.za) if the service provider is a member action will be taken.

Unwanted SMS'ed links

Receiving unwanted / unsolicited SMS links to porn sites from +27 82 004 8640 895. No STOP-ing or STOP ALL-ing seem to impress upon these people that I am now fed-up with this. Does anyone know who these messages are from? I am ready to do grievous bodily harm by now...

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.