Beware of fake texting

Link: IBNLive : Beware! Fake SMSes can ruin you.

We have heard of websites and e-mail accounts being hacked. Now, someone could be sending messages from your cell phone and you’d never know. What seems like a harmless prank could actually be a serious national security threat.

They do have a point, although this ‘threat’ has been available to anyone almost as long as the SMS medium itself.

The article goes on to explain:

Patanjal Digantvyas, a 19-year-old from Ahmedabad, tells us that all you have to do is go to a website that provides bulk SMS or the fake SMS facility. One such site is communicator.clickatell.com

Almost any SMS traffic supplier on the planet will allow you to send fake SMS messages — that is, change the originator ID to the number of someone else.

And no verification is required. So, anyone can send messages in your name. The absence of any kind of verification makes this a threat to national security.

Again they have a point here. If your Government is run by text. I would hope that your generals don’t take orders to nuke your national rivals via a text message from the Prime Minister.

I always thought that the ability to set the originator field on text messaging should be a lot more strictly controlled. It’s a particularly useful function for mobile developers who really do need to be able to use dynamic originators.

From memory, Connection Software will only allow you to change the originator to a mobile number that you own — and you must provide proof of ownership of that number. By default, the originator is set to ‘csoft.co.uk’ on all outgoing messages from Connection Software (more details on their policy). I think this is a responsible attitude — it also means their management can sleep at night. They won’t ever have an issue with fake messages being sent through their network.