Amid Delay in SMS Regulations, BSNL Warns Users Against SMS Fraud

State-owned Bharat Sanchar Nigam Limited (BSNL) has issued an advisory alerting its users about recent SMS frauds amid the seven-day extension for the new SMS regulations.

BSNL warned its users to not give out personal information to scammers who have been trying to withdraw money from their accounts.

Fraudsters are sending fake SMSes, asking user to complete their KYC and failing to do so will result in their BSNL sim getting deactivated permanently.

This advisory comes after Telecom Regulatory Authority of India (TRAI) imposed regulations on commercial messages to prevent SMS related frauds. However, due to negligence from businesses the regulatory body had to extend the deadline for the registration process by another 7 days.

Do Not Open These SMS Heads: BSNL

BSNL has released names of four SMS IDs which are being used by fraudsters to steal bank information from users. These SMS headers are ‘CP-SMSFST, AD-VIRINF, CP-BLMKND, and BP-ITLINN’

SMS headers or IDs are a combination of six characters representing the company name of the message sender. These headers are also known as Sender ID.

Messages from these SMS IDs are been sent to BSNL users asking to complete KYC verification and when a user clicks on the link provided by these fraudsters, money is withdrawn immediately from the user’s bank account

New SMS Rules to Tackle The Issue

In February, the Delhi High Court had directed TRAI to enforce Telecom Commercial Communication Customer Preference Regulation (TCCCPR), which was designed to stop the problem of ‘unsolicited commercial communication (UCC) or spam call and messages’, reported The Hindu.

These guidelines were implemented so that the use of fake SMS headers by scammers to dupe customers is stopped.

According to TRAI’s latest guidelines, every SMS must be verified before it is delivered.

Why The Delay?

On 8 March, Tele companies started the process of Content Scrubbing (verifying each SMS sent to stop fraudulent activities) using Distributed Technology Ledger (DLT) blockchain systems, after which lakhs of Indian users faced disruption in OTP services.

This happened as thousands of business entities failed to register their content templates with DLT companies. Following which, a 7-day extension was given to the businesses to get them registered.

‘Higher the Delay Higher The Risk’

Independent Cyber Security researcher Rajshekhar Rajaharia told The Quint that cyber attacks will only increase if we give more extension in the newly imposed SMS regulation policy.

“If the registration period is extended chances of fraudulent cyber crimes will increase. and we will continue to hear more advisories. Therefore, TRAI should not delay the registration period,” he added.