Saved in:
Bibliographic Details
Main Authors: Agarwal, Sharad, Suarez-Tangil, Guillermo, Vasek, Marie
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2508.05276
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918192782245888
author Agarwal, Sharad
Suarez-Tangil, Guillermo
Vasek, Marie
author_facet Agarwal, Sharad
Suarez-Tangil, Guillermo
Vasek, Marie
contents Mobile network operators implement firewalls to stop illicit messages, but scammers find ways to evade detection. Previous work has looked into SMS texts that are blocked by these firewalls. However, there is little insight into SMS texts that bypass them and reach users. To this end, we collaborate with a major mobile network operator to receive 1.35m user reports submitted over four months. We find 89.16% of user reports comprise text messages, followed by reports of suspicious calls and URLs. Using our methodological framework, we identify 35.12% of the unique text messages reported by users as spam, while 40.27% are scam text messages. This is the first paper that investigates SMS reports submitted by users and differentiates between spam and scams. Our paper classifies the identified scam text messages into 12 scam types, of which the most popular is 'wrong number' scams. We explore the various infrastructure services that scammers abuse to conduct SMS scams, including mobile network operators and hosting infrastructure, and analyze the text of the scam messages to understand how scammers lure victims into providing them with their personal or financial details.
format Preprint
id arxiv_https___arxiv_org_abs_2508_05276
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle An Overview of 7726 User Reports: Uncovering SMS Scams and Scammer Strategies
Agarwal, Sharad
Suarez-Tangil, Guillermo
Vasek, Marie
Cryptography and Security
Mobile network operators implement firewalls to stop illicit messages, but scammers find ways to evade detection. Previous work has looked into SMS texts that are blocked by these firewalls. However, there is little insight into SMS texts that bypass them and reach users. To this end, we collaborate with a major mobile network operator to receive 1.35m user reports submitted over four months. We find 89.16% of user reports comprise text messages, followed by reports of suspicious calls and URLs. Using our methodological framework, we identify 35.12% of the unique text messages reported by users as spam, while 40.27% are scam text messages. This is the first paper that investigates SMS reports submitted by users and differentiates between spam and scams. Our paper classifies the identified scam text messages into 12 scam types, of which the most popular is 'wrong number' scams. We explore the various infrastructure services that scammers abuse to conduct SMS scams, including mobile network operators and hosting infrastructure, and analyze the text of the scam messages to understand how scammers lure victims into providing them with their personal or financial details.
title An Overview of 7726 User Reports: Uncovering SMS Scams and Scammer Strategies
topic Cryptography and Security
url https://arxiv.org/abs/2508.05276