Open in app

Sign in

Write

Sign in

How to Trace a SMS Header

Rushi Mehta
3 min readSep 5, 2021

SMS Headers are used by Banks, Marketing Companies, Registrations providers etc for sending bulk SMS. However fraudsters also use the same for sending bulk phishing messages. Lately we have seen SMS pertaining to Amazon Part Time Jobs.

Sample SMS:

Header is BH-148594.

Fraudulent marketing SMS

TRAI has mandated header registration for transactional, promotional messages and also has provided facility to trace the message origin.

These registered companies provide facility to end users (clients) to send bulk SMS. Fraudsters misuse SMS header on 2 ways.

  1. They register a shell company using co-working space and apply for SMS Header to send fraud SMS.
  2. Fraudster go to genuine companies as a client to avail feature of SMS headers.

How to trace?

Step 1: https://smsheader.trai.gov.in

Step 2: Clicking on continue may prompt an OTP on email. Enter the same.

Step 3: Enter Header Information. BH is read as BSNL network was the exit network that was used to send SMS. H stands for Haryana but there could be discrepancy in the data.

Important Observation

BH does not mean BSNL is providing facility to send SMS. It could be other telecom operator as well. BSNL is just exit network.

There are two terms: Onboarding network and Exit network. In order to get details of onboarding network, data has to be asked from Telecom Operators or DLT solution provider.

Approved Telecom Operators to send SMS:

What next?

  1. Details about Template, Header registration could be asked from Telecom Operator shown on exit node.
  2. The company (Principle entity) can be enquired for why was it involved in sending the SMS.
  3. Physical verification of companies. There are chances the companies may be fake companies.
  4. TRAI-DOT to be informed on misuse of the SMS Headers.
  5. Telecom companies may be asked for frequency of SMS sent through Headers. Ex. “part time amazon” keyword could be given to telecom operators to get details on how many such SMS were sent through their network.
  6. Truecaller or other phishing detection apps along with telecom operators to be notified for such phishing content for stopping.

Infographic to share in groups:

*****************************

--

--

Rushi Mehta

Written by Rushi Mehta

112 Followers

Cyber Security & Fintech Risk Enthusiast, Trekker, Meditator and Contributor!

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams