Contact Sales
previous icon Back to blog
Feb 24, 2026
5 minutes read
Security

Static vs. Dynamic Protection: Stop Bots, Save Money, and Stay Secure

Do you send automated SMS or RCS to your customers? Then you need that traffic to be safe and smart. When you send codes at scale, you need to block fake traffic without stopping your real users. And of course, you don’t want to pay for messages that aren't real. We have just the thing for you: Static and Dynamic protection.

CM.com
CM.com

Are you sending messages via SMS or RCS to your customers? Are those messages part of an automation like for example login codes? Then you might be a target for messaging fraud...

What Are Fraud Risks For Automated Messaging?

Criminals seek to abuse automated login systems (like one time passwords (OTPs) sent by SMS) to generate fake traffic to make money. This type of fraud is known as Artificially Inflated Traffic (AIT), SMS pumping or traffic pumping. How does it work? Businesses typically send OTP's automatically when a user logs in, resets a password, or when they create an account. And each message sent costs the business money. Fraudster are of course not interested in the actual OTP, but they just want the business to pay for sending it - and they'll profit of it through corrupt SMS routes, compromised partners, or SMS numbers they control.

These messaging costs can add up fast - regardless the size of your business. When an AIT attack hits, it hits hard! In fact, global AIT fraud losses are estimated to be several billion dollars between 2022-2024. Even amongst CM.com customers, we see an average of 20k in fraudulent traffic costs if no fraud prevention measures are taken.

At CM.com, we are committed to protecting our customers from messaging fraud by monitoring and blocking suspicious activity 24/7. However, fraud prevention is a shared responsibility. We provide the tools and options to mitigate risks, but it’s essential that customers work with us to configure these measures effectively. Together, we can ensure that criminals are unable to profit from illegal traffic and create a safer messaging environment.
- Brian de Liefde, PO Messaging Platform at CM.com

What to Do Against AIT?

There are several things you can do to protect your business from AIT attacks:

  • Secure the trigger, not just the message. Adding CAPTCHA or bot detection to login and password reset forms will make it more difficult to send large volumes of OTPs in one time.

  • Put restrictions on your traffic volumes. Rate limiting will help you control how many messages are being sent in a specific timeframe - and this can be done in many different way. You can limit how many messages in total can be sent, but also how many per user accounts, or per individual user.

  • Proactively block high-risk destinations. What makes a destination high-risk? Well, destinations are more likely to be targeted if they have high SMS rates (more money per message), limited regulations and therefore less control on revenue-sharing or grey SMS routes. And of course, destinations where you have no customers should not receive SMS traffic from your business either.

  • Monitor your traffic to signal abuse early. Insight in your traffic-flows will help you detect unusual activities, and when you know that something suspicious is happening, you can act accordingly.

These fraud preventative measures can be implemented in many different ways, but you can roughly divide it in two types: Static and Dynamic protection.

Static vs Dynamic Fraud Protection

Static fraud protection simply means setting up strict rules and restrictions for your messaging traffic. This includes setting hard limits to your messaging traffic volumes, restricting IP-address access, and creating block- and allow-lists for your destinations. CM.com offers static fraud protection in a software suite called Safeguard. Safeguard offers:

  • IP address restrictions - Mitigate risks by restricting access to your messaging platform account.

  • Destination management - Create Block and Allow lists to preemptively block traffic from high-risk destinations

  • Rate limiting - Control the amount of messages being sent in a specified timeframe and prevent uncontrolled high spikes that drive up the costs.

Static fraud prevention works well for a majority of businesses, especially for those with relatively straightforward traffic flows. However, it isn't always this black-and-white.

Are your customers located in possible high-risk destinations? Do your messaging volumes differ greatly from day-to-day? Do you serve customers worldwide? Then static fraud prevention can unintentionally get in the way of legit messaging traffic. In these cases, a more dynamic solution would be a better fit.

CM.com offers Safeguard Plus as a dynamic fraud prevention software suite. It leverages advanced machine learning to provide a more customized protection against messaging fraud:

  • Dynamic traffic profiling - By continuously analyzing messaging patterns, Safeguard Plus can identify irregularities and flags potential issues. How? By checking a combination of destination classification (high-risk vs low-risk), deviations in traffic destinations, anomalies in conversions, odd number ranges, and supplier reliability.

  • Flexible block and monitor modes - Monitor your traffic without immediately making changes to the flow, and automatically block when suspicious activities are flagged.

  • Clear and actionable data insights - Get real-time insights in your traffic flows via detailed dashboards and reports, so you can make informed and quick decisions regarding your messaging traffic.

What Does Your Business Need?

The big difference between static and dynamic fraud protection is the flexibility. But which one do you need for your business? It may not even be a straight answer. Static protection helps minimize risks but can restrict your business when risks arise. On the other hand, dynamic protection removes these limitations, offering a valuable enhancement to static protection, especially for businesses operating on a global scale. That said, having basic static protection in place is essential. And when fraudsters target your business, don’t hesitate to strengthen your defenses by adding dynamic protection to stay one step ahead.

Want tailored advice on your fraud prevention strategy? Click the button below and contact our experts to discuss your specific use case. Our experts are here to help.

Ask Our Experts About Fraud Protection

Contact us
Was this article interesting?
Share it!
Tags
CM.com
CM.com
logo linkedin icon
connects tens of thousands of companies with millions of consumers via their mobile phone each day. Behind the scenes, from our innovative platform, CM.com makes sure companies can use these millions of messages, phone calls and payments to become part of people’s lives.

Latest Articles

the-benefits-of-2fa-for-business
May 12, 2025 • Security

The Benefits of 2FA for Business

Protecting customer data is (or should be) a priority for every modern business. One of the most secure ways to verify customer information is by multi-factor authentication (MFA). In this blog, we’ll discuss the top benefits of MFA (and 2FA) and explain why it’s a must-have for mobile-native businesses.
Protect Your Customers from Fraud With RCS Sender Verification
May 12, 2025 • RCS

Protect Your Customers from Fraud With RCS Sender Verification

Cybercrime and spam messaging is on the rise. Criminals attempt to impersonate trusted businesses in the hopes of scamming loyal customers out of their personal details, login credentials, and even banking information. This damages the trust between customers and businesses. How can you tell which messages are legit, and which ones aren't? RCS Business offers verified sender profiles, helping customers identify official business accounts so they can engage with business communication with confidence.
introducing-your-customizable-verification-solution-hero
Apr 10, 2025 • Security

Introducing Your Customizable Verification Solution

In today's digital world, ensuring secure and convenient online interactions is more important than ever. Every business has unique needs when it comes to protecting their digital space and their customer interactions - and different needs require different solutions. That's why CM.com introduces "Build Your Own Verification" - flexible and customizable verification that can be tailored to your specific needs.
fraud-and-simplify-verification-processes-hero
Apr 10, 2025 • Security

Prevent Text Messaging Fraud and Simplify Verification Processes With Number Verify

Customer communication via text messaging has become an integral part of the modern business landscape. In recent years however, criminals have figured out that they can abuse SMS communication to scam both your business and your customers out of data and money. But not to worry, there's a new, convenient, and fast verification method that can help secure your online accounts: Number Verify!
CM.com logo phone icon +45 31519312
f github icon image.icon.alt.f-instagram f linkedin icon image.icon.alt.f-rss f youtube icon

Choose Your Region

Select a region to show relevant information. This may change the language.

Our Suggestion
United States
English
Africa
next icon
South Africa
English
Asia
next icon
China
中文
India
English
Japan
日本語
Singapore
English
United Arab Emirates
English
United Arab Emirates
العربية
Europe
next icon
Belgium
Nederlands
Belgium
Français
Denmark
Dansk
Denmark
English
France
Français
Germany
Deutsch
Italy
Italiano
Netherlands
Nederlands
Spain
Español
Sweden
Svenska
United Kingdom
English
North America
next icon
United States
English
Is your region not there?
language icon
Global
English
Is this region a better fit for you?
Go
close icon