Not sure if this blog on CTA whitelisting for SMS marketing contains quality information?
Try our 1-minute short audio summary to decide. 🎧
Ever grown suspicious of the URLs you receive via SMS? Most of you might have come across this situation at least once in your lifetime. We don’t blame you. Statistics show that in 2019, US consumers alone lost over $86 million due to SMS phishing or smishing. It is estimated that between 300,000 and 400,000 smishing attacks occur daily. According to a study conducted by a telecom industry association, 39% of consumers in ten surveyed countries encountered at least one smishing attempt in the past year. To put an end to this bamboozlement, the Telecom Regulatory Authority of India (TRAI) has issued its latest directive on SMS marketing. It aims at safeguarding consumers from unsolicited messages containing malicious links by making CTA whitelisting mandatory for businesses.
The new TRAI mandate for CTA whitelisting to curb the misuse of URLs (Uniform Resource Locators) in messages will be effective from 1st October 2024. This rule has come in light of the rapid growth of smishing coinciding with the increase in smartphone use. Complying with these new rules for bulk SMS service can help both access providers and businesses in creating a more reliable and secure messaging environment. Let us take a look into the nuances of these mandates in detail.
What is Smishing?
Before we proceed, it is important to understand the term smishing. It is a type of phishing attack carried out through SMS messages. Hence, the term ‘smishing’ was constructed by combining the words ‘SMS’ (Short Message Service) and ‘phishing’. Smishing emerged as smartphones became more widespread, providing an easy way for cybercriminals to exploit people’s trust in SMS messages.
In a smishing attack, cybercriminals send fraudulent text messages that appear to be from reputable sources, such as banks, businesses, or government agencies. These messages often contain text that depicts urgency, aiming to trick recipients into providing personal information, clicking malicious links, or downloading malicious software. These links can be used to steal login credentials, credit card details, or other sensitive data or ask the user to reply with sensitive details like passwords, PINs, or account numbers.
Why Use Short URLs in SMS Content?
Businesses use short URL services to include important links leading to their websites, apps, landing pages, survey forms, downloadable resources, payment gateways, etc. in the SMS message. These short URLs will often be accompanied by a compelling CTA (call to action) that persuades the user to click the link. However, SMS messages have a certain character limit. Including long messages in the SMS content can take up most of the space in the SMS content, resulting in less room for actual content. Solution? Use short URL services!
Short URL services have been a boon to businesses since the inception of SMS marketing in the modern world. It lets businesses include more text in their marketing content and attach links to important pages while complying with the regulations regarding the length of SMS messages by TRAI.
The SMS marketing service providers like Office24by7 also provide short URL services to businesses. All they have to do is simply paste their URLs and click a button. The long URL will be shortened and you can copy it to be used in whatever marketing material you want.
However, there are always two sides to a coin. Businesses aim to provide a smooth and seamless service to their customers through SMS marketing services using short URLs. But this becomes an opportunity for fraudsters on the lookout for new domains to trick people into their trap. SMS as a tool for marketing has opened an ocean of opportunities for them. They started leveraging short URLs as honeypots to trap genuine users who search for services.
Related Reading
What are the new TRAI Mandates for CTA Whitelisting?
TRAI has issued a direction advising registered senders to promptly upload their whitelisted URL/APK/ OTT links to the portal of the respective Access Providers. This direction has been issued on 20th August 2024, and will be effective October 01, 2024. All service providers should comply with the new regulations regarding the use of short URLs in SMS campaigns. TRAI has also instructed all Access Providers to block any traffic containing URLs, APKs (Android Package Kit), or OTT (Over The Top) links that have not been whitelisted. These changes are aimed at making cyberspace a more safe and secure place for users.
As per the new mandate, the shortened URLs inside the SMS text must indicate the business that is sending the message. Here’s what the new regulation says:
- Senders shall ensure that only whitelisted URLs/ Apks (Applications)/ OTT links/Call back numbers are there in the message Content Templates.
- Senders shall not use any URL shortening service or short URLs unless the shortened URL clearly indicates that it has a relation with the Sender.
This means that the URL or the shortened URL in the message content should be whitelisted before sending out using an SMS blast software. It also clearly specifies that the Sender ID should be reflected in the URL.
Office24by7’s Solutions for the New Mandate
Adhering to new TRAI regulations and mandates is pivotal for the success of SMS marketing campaigns. This also reflects the credibility of your business organization and your willingness to comply with the industry and government standards. This further builds your image and helps you increase your brand goodwill.
To ensure that your marketing messages adhere to the new TRAI regulations and to safeguard the security of your stakeholders, Office24by7 is introducing a new setup to shorten URLs and whitelist them. We facilitate your messages in two different methods:
Shorten URL With DLT Service Provider for CTA Whitelisting
In this method, the business organization can directly approach a DLT operator to convert a long URL into a short URL for the SMS marketing campaigns. You can then visit the Office24by7 platform and log in to your account to submit the text message content and Sender ID to send the message. You can also get in touch with the Office24by7 team to create a short URL. Our team will approach a DLT operator to create a short URL with your long URL and then incorporate it into your SMS template.
For example, if your Sender ID is ‘HWDYCL’ and the DLT operator’s domain after shrinking the URL is https://vml.dl, then your short URL adhering to the new TRAI mandate will be:
https://vml.dl/HWDYCL/<unique_id>.
Use Office24by7’s Short URL Service for CTA Whitelisting
Being a secure cloud telephony software provider and omnichannel communications solutions provider, Office24by7 has its own short URL services. This means that the customer doesn’t have to approach a DLT operator to get a short URL. Simply log in to your Office24by7 platform and go to the ‘Add-ons’ option in the vertical menu bar on your left-hand side. Click ‘Short URL’ from the list of add-ons displayed. Here, you can simply enter the long URL you want to shorten and click the ‘Submit’ icon. In this case, your short will be:
https://off.bz/HWDYCL/<unique_id>.
After creating the short URL, you can go to the CTA whitelisting option to submit your short URL for whitelisting purposes. Being a verified SMS service provider adhering to TRAI regulations, Office24by7’s short URL services help you get easily whitelisted. You can get your campaigns running in no time.
Related Reading
Why Did TRAI Implement CTA Whitelisting?
For a long time, there have been requests to issue directions aimed at curbing the misuse of SMS content templates. There was also an increasing demand to prevent unauthorized activities through telecom resources. These measures will bring about complete transparency in the SMS communication process and prevent fraudulent communication.
All DLT operators and business organizations in the country are expected to abide by this new TRAI mandate to implement new campaigns. The new TRAI mandate for CTA whitelisting is implemented from October 01, 2024.
What Happens if URLs are not Whitelisted?
The new TRAI mandate for CTA whitelisting is an appreciable move to safeguard consumers from unsolicited messages containing malicious links. This also fosters a transparent and secure communication system. This raises the quality benchmark for all SMS broadcasting software in the country. TRAI has provided clear instructions to all Access Providers to block any traffic containing URLs, APKs, or OTT links that have not been whitelisted. This means that Senders who fail to whitelist their links by the due date will not be able to transmit any messages containing URL/APK/ OTT links.
Conclusion
The new TRAI directive on CTA whitelisting is a vital step toward securing SMS communications. Enforcing mandatory URL transparency and sender identification protects users from smishing attacks and strengthens trust in business communications. Adherence to these regulations ensures both consumer safety and enhanced credibility for businesses utilizing SMS marketing. Leading providers like Office24by7 help you implement CTA whitelisting for your short URLs, ensuring a seamless SMS marketing campaign experience.
