[Why&Next] The Cause of Illegal Spam Texts... Telecom Companies Unable to Block Fake Numbers

#1. Last year, Company A, which uses LG Uplus's network to send bulk text messages on behalf of clients, was hacked, resulting in spam messages being sent to an unspecified number of customers. During this process, the hacker manipulated the sender's number to a different one. After LG Uplus identified the illegal spam message sending, it restricted Company A from changing the sender number. As a result, Company A, which had been hacked, found itself unable to operate. Due to the nature of the agency, it is difficult to conduct business if the sender number cannot be changed to the client's number. For example, promotional messages for department stores must be sent with the department store's number, but this was not possible. LG Uplus accepted the company's objection that "it was unavoidable due to hacking" and took measures to allow the number to be changed.

#2. Company B, which provides telemarketing services using SK Broadband's network, was caught a year ago for arbitrarily changing area codes when making calls to customers in specific regions for promotional purposes. For example, when a Seoul-based company called customers in the Busan area, they manipulated the number to show the 051 area code instead of the 02 code. This method was based on the fact that people are less likely to answer calls from area codes of other regions. As a result, people in certain areas received unwanted promotional spam calls.

The photo is not related to the article content.

Telecommunication companies that failed to prevent caller ID spoofing, which involves changing the sender's number on calls or messages, were collectively fined. This was because they failed to block the manipulation by companies sending spam texts or telemarketing calls using their networks.

According to business reports from each company on the 24th, telecommunication companies such as SK Broadband and LG Uplus each paid a fine of 12 million KRW for violating the 'Prohibition of False Display of Telephone Numbers' obligation. A representative from the Central Radio Management Office, which imposed the sanctions, explained, "Telecommunication companies, as upper-level operators, are responsible for managing number manipulation, but due to some shortcomings in management, fines were imposed."

The basis is Article 84, Paragraph 2 of the Telecommunications Business Act, 'Prohibition of False Display of Telephone Numbers and Protection of Users.' According to this provision, it is prohibited to change the sender's number on calls or messages to another number for profit. Under this law, telecommunication companies must technically block or ensure the original number is displayed when businesses send telemarketing or spam messages using their networks and attempt number manipulation.

The government strictly prevents caller ID spoofing because number manipulation is not only limited to spam texts or promotional calls but can also be exploited for crimes such as smishing or voice phishing. Numbers that repeatedly send large volumes of spam messages are filtered through spam blocking systems, but if the number keeps changing, it can evade surveillance.

While telecommunication companies acknowledged their management negligence, they said it is realistically difficult to prevent number manipulation in advance. A representative from a mobile carrier said, "Each telecom company has contracts with hundreds of intermediary agencies. The number of calls or messages these agencies send is countless, making it difficult to inspect each one."

There are also technical limitations in monitoring number manipulation in real time. This is because companies use private telephone exchanges when manipulating numbers. Another telecom representative said, "It is easier to detect manipulation when using internet networks, but with telephone exchanges using telephone networks, it is hard to detect manipulation because each call must be inspected individually."

Even when detected, only the telecom companies are punished, while the companies that manipulate numbers face no significant penalties. An industry insider said, "It's like punishing the manufacturer of the bat (telecom company) instead of the person who hurt someone by swinging the bat (number manipulation company)."

Since it is technically difficult to defend against number manipulation, enhanced monitoring and active reporting are necessary. Professor Kim Myung-joo of the Department of Information Security at Seoul Women's University said, "Number manipulation using private exchanges can only be regulated after the fact technically. People who receive spam or smishing messages should actively report to relevant authorities, and an environment should be created to enable immediate action."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.