Telecom Security – Part 8 of 10 in the series.
RCS was meant to be the next big leap in mobile messaging. With verified business accounts, interactive buttons, and rich media, it promised to replace plain text with true digital conversation. That promise is becoming real: RCS monthly active users passed 1.2 billion in 2024, up over 550 percent year-on-year.
But this evolution has a cost – RCS Fraud.
According to Juniper Research, RCS Business Messaging fraud is projected to cost mobile subscribers $4.3 billion globally within five years. As adoption spreads, so does the surface area for abuse. Telcos that treat RCS as “just a modern SMS” risk facing the same fraud problems, amplified by richer content and deeper trust.
The hidden cost of “trusted” rich messaging
What makes RCS appealing to brands also makes it powerful for fraudsters. The format allows verified business profiles, company logos, and embedded buttons. Users naturally trust those cues. In tests, messages carrying fake brand logos were clicked up to three times more often than classic SMS scams.
RCS Fraud looks scarily good.
Fraud actors now exploit this built-in credibility. A fake courier notification with a brand image and “Track Your Parcel” button can trigger instant engagement.
When messaging looks official, users hesitate less and lose more.
Example of RCS Chat with a Hotel Vendor
How fraudsters exploit the new channel
RCS Fraud is growing in sophistication, offering more vectors for deception:
Impersonation attacks.
Criminals hijack or mimic verified business handles.Malicious interactive content.
Buttons, QR codes, or carousels redirect to credential-harvesting sites.Bait-and-switch campaigns.
Legitimate-looking notifications morph into payment requests or refund traps.Cross-platform blending.
Attackers link SMS, WhatsApp, and RCS in one sequence to appear continuous.
A 2025 GLF report found that 35 percent of operators experienced higher messaging-fraud activity despite new filtering tools, a sign that detection frameworks built for the SMS era can’t read the new playbook.
Why do legacy firewalls fall short?
Most operator defenses were designed for simple text. Traditional firewalls rely on pattern rules, keyword filters, or blacklists. RCS Fraud, on the other hand, can hide behind structured metadata, branded assets, and conversational logic that don’t fit those patterns.
RCS traffic travels through OTT environments where operators can’t fully inspect payloads. The result is that fraudulent messages can appear compliant while hiding behavioral anomalies invisible to static rule engines.
To protect against RCS Fraud, operators need more than new rules – they need systems that can truly understand message behavior and context.
The Fortress approach:
Intelligent pattern recognition at scale
Fortress Advanced Messaging Firewall was built for this new generation of threats. It continuously analyzes vast messaging flows, building detailed profiles of senders, routes, timing, and content structure to understand what “normal” traffic looks like.
Each new message is evaluated in real time against this learned context. The firewall detects subtle irregularities—unusual sending bursts, timing mismatches, inconsistent templates, or suspicious delivery paths—that often precede fraud.
Its classification engine blends advanced heuristics with AI-assisted pattern detection, refining itself through continuous network feedback. This data-driven intelligence allows the firewall to assess risk dynamically and block or quarantine questionable RCS sessions in under 50 milliseconds, even at carrier throughput.
It’s not about scanning for known bad links, it’s about recognizing when something doesn’t belong.
Securing the next chapter of messaging
RCS is redefining how enterprises reach customers, but its credibility can also be its weakness. The same trust signals that power engagement can amplify deception if left unguarded.
Operators who embed intelligent, data-rich firewalls today will be the ones who secure both revenue and reputation tomorrow. Fortress Firewall provides that foundation, a protection layer that reads patterns, learns behavior, and stops threats before they spread.
“The networks that learn fastest will be the ones users trust longest.”
Want to protect your subscribers from link-based fraud across every channel?
See how Fortress URL Scanner stops phishing links before the user even sees them!
