SMS FRAUD AWARENESS Day

Kuyesera AI Lab, https://kailab.tech

​

10th May 2024

Section 1: SMS Fraud Information

2

What is SMS Fraud?

• SMS Fraud refers to the fraudulent activities that use short message service(SMS) to defraud people.

​

• Fraudsters use voice, short message service (SMS) or both to communicate and defraud the victims.

​

​

• The Financial Intelligence Authority (FIA) of Malawi estimated that between May and June 2020 in Malawi, “MWK1 billion may have been stolen from mobile money subscribers and agents through their bank account electronic wallets and phone numbers”

​

3

Amelia Taylor

Types of Fraud using SMS

1. Smishing

Sending fraudulent text messages claiming to be from legitimate organizations - often containing a phone number that recipients are instructed to contact.

e.g AIRTEL: SIM card yanu yabulokedwa. mukufunsidwa kusintha SIM Card yanu pasanathe tsiku limodzi. Imbani pa nambala iyi kuti mudziwe kasinthidwe kake 0999xxxxx.

​

• Fake Prize Scams

Recipients receive SMS messages informing them that they have won a prize or lottery. To claim the prize, they are asked to provide personal information or pay a fee.

e.g. mwapata mphoto ku premier loto yokwana mk100,000 tiyimbileni ku 0998278923/0889022323 kuti mudziwe zambiri

4

Card yanu yabulokedwa. mukufunsidwa kusintha SIM Card yanu pasanathe tsiku limodzi. Imbani pa nambala iyi kuti mudziwe kasinthidwe kake 0999xxxxx.

Amelia Taylor

Types of Fraud using SMS

3. Fake Alerts and Notifications

Fraudsters may send SMS messages posing as alerts or notifications from reputable sources.

These messages may claim that there is a problem with the recipient's account etc. and prompt them to take immediate action, such as calling a phone number.

​

e.g NATIONAL BANK: ndife ogwira ntchito ku NBM bank. mukudziwitsidwa kuti account yanu yatsekedwa. Imbani foni pa number iyi kuti mudziwe zambiri 0888xxxxxx.

​

5

This may include SPOOFING: the SMS is sent on the same SMS thread from the bank, fooling the receiver.

Amelia Taylor

Types of SMS Fraud

6

Source: https://www.infobip.com/blog/a-complete-guide-to-sms-fraud

Amelia Taylor

SMS Fraud in action

7

How to protect yourself?

• Be cautious of unfamiliar numbers

If you receive an SMS from an unknown number, especially if it contains links or asks for personal information, proceed with caution. Do not click on any links or respond to such messages.

• Verify sender identity

If you receive an SMS claiming to be from a company or organization, verify the sender's identity by contacting them directly through their official website or customer service number. Legitimate companies rarely ask for personal information or account details via SMS.

• Watch out for phishing attempts

Be wary of SMS messages that ask you to provide sensitive information such as passwords, PINs, or account numbers. Legitimate organizations typically do not request such information via SMS.

• Report suspicious activity

If you receive a suspicious SMS or believe you may have been targeted by SMS fraud, report it to your mobile service provider and other relevant authorities. This can help prevent others from falling victim to similar scams.

​

8

Ben and Alinafe

The impact of SMS fraud can be devastating!!

9

Ben and Alinafe

QUIZ

10

WHAT IS SMS FRAUD?

1. Sending promotional messages
2. Sending unsolicited messages
3. Sending fraudulent messages to deceive recipients
4. Sending personal messages without consent

​

​

11

WHAT IS SMS FRAUD?

• Sending promotional messages
• Sending unsolicited messages
• Sending fraudulent messages to deceive recipients
• Sending personal messages without consent

​

​

12

Which type of SMS fraud involves sending messages pretending to be from a trusted entity to deceive recipients?

13

1. Smishing
2. Spoofing
3. Spamming
4. Phishing

Which type of SMS fraud involves sending messages pretending to be from a trusted entity to deceive recipients?

14

• Smishing
• Spoofing
• Spamming
• Phishing

15

How can you protect yourself from SMS fraud?

1. Sharing personal information via SMS
2. Clicking on suspicious links in SMS
3. Deleting suspicious messages without responding
4. Responding to all incoming SMS messages

16

How can you protect yourself from SMS fraud?

• Sharing personal information via SMS
• Clicking on suspicious links in SMS
• Deleting suspicious messages without responding
• Responding to all incoming SMS messages

17

What is the term for fraudulent SMS messages that attempt to trick recipients into calling a fake customer support number?

1. Vishing
2. Spoofing
3. Smishing
4. Phishing

18

What is the term for fraudulent SMS messages that attempt to trick recipients into calling a fake customer support number?

• Vishing
• Spoofing
• Smishing
• Phishing

Section 2: SMS Fraud Survey

19

Data Collection Methodology

• Online Questionnaire

A structured online google form survey was distributed through various digital platforms at MUBAS via the Students Union president. Posters were displayed on the campus at MUBAS calling for participation. A total of 102 people participated in the online survey.

• Face-to-face questionnaires

This exercise was conducted with individuals selected through random sampling techniques around the campus. A total of 86 students and members of staff participated in this.

• Face-to-face sessions

We also had a physical sessions at KAI Lab, 6 people participated in this which included MUBAS students, MUST student and 2 others that at the industry.

• App used

SMS Backup & Restore App, participants were taken through the installation process and the sharing of Fraud SMS from their mobile phones to our repository.

​

​

​

20

Alinafe

Survey Results

• Awareness of fraudulent SMS: Online Surveys - 96.1% respondents reported that they are aware of the existence of fraud SMSs, and 3.9% reported they do not know of its existence. Face-to-Face data collection - all 86 individuals reported that they are aware of fraudulent SMS representing 100%.
• Prevalence of Fraudulent SMS: Online Surveys - 2% of respondents reported receiving fraudulent SMS messages of more than 10 a month, 16.4% reported receiving between 5 to 10 SMSs a month, and 81.4% encountering such messages occasionally. Face-to-Face Interviews - participants expressed varying degrees of exposure to fraudulent SMS messages, with 12% reporting frequent encounters and 88% stating rare occurrences.
• Types of Fraudulent SMS Scams: phishing attempts, prize/sweepstakes scams, fake investment opportunities, and impersonation scams.
• Response strategies: Online Surveys - 72% of respondents stated they ignored fraudulent SMS messages, and 28% deleted the messages immediately. Face-to-Face Interviews - participants mentioned diverse response strategies, including ignoring and deleting the messages, reporting the messages to relevant authorities or engaging with the sender to gather more information.
• Impact of fraudulent SMS: Both data collection methods highlighted the potential financial and emotional impact of falling victim to fraudulent SMS scams, with respondents expressing concerns about identity theft, financial losses, and personal data compromise. 90.2% admitted that they or a friend had ever fallen victim, while 9.8% did not.

​

21

Tamanda

Online survey results

22

Tamanda

Section 3: SMS Fraud Detection using Machine Learning

23

Supervised Learning

• The labelled dataset we created can be used to train machine learning algorithms capable of detecting whether an SMS is potentially fraud or not.
• The algorithm learns the main characteristics (called features) of the SMSs from the examples given in the dataset and associate features that are strongly correlated with fraudulent SMS
• When the algorithm sees a “new SMS” it tries to find these features in that SMS which can indicate that the SMS is potentially fraudulent

Implications

• The training data needs to be large enough
• The training data needs to be correctly labelled
• The algorithms need to be sensitive to changes in the data, i.e., new features as scammers change their tactics

​

24

Amelia Taylor

How are ML algorithms used

The ML algorithms can be used as part of firewalls or part of applications that users can submit SMSs to and find out if they are legitimate.

There are apps such as Truecaller that are widely used in Asia.

But such algorithms need to take into account local context, types of scams that are convincing in a given environment, and local languages, such as Chichewa.

25

Use of ML classification algorithms inside Firewalls on mobile phones.

Amelia Taylor

Our Dataset

The table shows that we have collected 15,229 SMSs in total, out of which 1,370 were labelled as fraudulent, 1,826 as spam and the remaining 12,033 as normal.

We also noted that these SMSs originated from 9,168 distinct Service Centers. So 3 out of 5 messages are sent by the same source. The fraudulent SMS’s ratio was 1:6.

Most fraudulent SMS, 93%, were read by the receiver.

Most of the SMSs, 50%, come from the year 2023, with some from 2024.

​

26

Amelia Taylor

Section 4: ML Experiments using the SMS Fraud Dataset

27

Machine learning experiments

28

• A smaller dataset of 649 SMS messages was manually checked and categorised into 316 fraudulent and 333 non-fraudulent SMS. This dataset was used to train 3 machine learning models.
• The models were: Random Forest, Logistic regression and K-Nearest Neighbors.
• As the dataset contained mixed language, we also fully translated into English so that we compare the performance of our models versus other published results.

Amoss Robert

29

1. Trained ML models with Chichewa dataset

Table below presents results after training the machine learning models with Chichewa datased

Amoss Robert

30

2. Trained ML models with human translated dataset

Table below presents results after training machine learning models using the highest performing translated dataset.

Amoss Robert

31

3. Trained ML models with machine translated dataset

The table presents the results after training the machine learning models with machine(Google Translator) translated dataset

Amoss Robert

Conclusion from the results

32

Our experiments have shown that:

1. Machine learning can effectively classify Chichewa SMS messages as fraudulent or non-fraudulent.
2. Random Forest and Logistic Regression relatively achieved highest accuracy of 96% each on Chichewa dataset.
3. Testing the Chichewa based model on new SMS messages showed it could identify almost all Chichewa fraudulent messages.
4. Human translated dataset improved accuracy to 99% while the machine translated dataset diminished the accuracy to 91%.
5. Lastly, the Logistic Regression model performed the best overall achieving the accuracy of 99%.

​

Amoss Robert

GAME

33

“Spot The Scam”

34

​

“ AIRTEL: SIM card yanu yabulokedwa. mukufunsidwa kusintha SIM Card yanu pasanathe tsiku limodzi. Imbani pa nambala iyi kuti mudziwe kasinthidwe kake 0992922xxx. ”

Fraud

Evelyn Chapuma, Amoss Robert

35

2.

​

“ Airtel Top8 yafikaso! BLUE EAGLES vs MIGHTY MUKURU WANDERERS pa KAMUZU lelo pa 11 Dec, 2:30PM, Anthu 300 Oyambilira kulowa alandila Ma T-shirt aTop8. #ZaMadolo! ”

Evelyn Chapuma, Amoss Robert

Not fraud

36

3.

​

“ Boma kudzela mu unduna wa za umoyo ukupeleka katemela wa chikuku ndi poliyo kwa ana osaposela zaka zisanu kumadela anu. Mukupemphedwa kuti mukawabayitse ana anu.”

Evelyn Chapuma, Amoss Robert

Not fraud

37

4.

​

“ ine transporter ndafika pa border ndikuchokela ku south africa ndatenga katundu wa m'balewanu tandiyimbilani for communication.”

Evelyn Chapuma, Amoss Robert

Fraud

38

5.

​

“ kumachenjela ndi akambelembele omwe akufuna kuba ma nambala anu achisisi. kuti mudziwe zambiri za izi imbilani kuma office athu a AIRTEL pa 0980000099.”

Evelyn Chapuma, Amoss Robert

Fraud

Q&A

39