Security

How IT Teams Stop Scam Text Messages with Fraud Short Codes

IT security teams use these specialized internal codes to tag, track and stop suspicious activity across digital channels with real-time analytics and automation.

Phil Goldstein

Twitter

Phil Goldstein is a former web editor of the CDW family of tech magazines and a veteran technology journalist.

Texting scams are exploding. In 2024 alone, U.S. consumers lost $470 million to them, according to the Federal Trade Commission, a number more than five times what it was just four years earlier.

To counteract the growing volume of fraud, “vendors are trying to help banks catch suspicious activity earlier in the cycle and, wherever possible, prevent the crime before it is perpetrated,” according to a 2024 Gartner report on fraud detection in banking payments. To do this, vendors are teaming up with specialist firms to hunt for phishing kits on the dark web or are building their own advanced modeling techniques.

Companies, especially banks and wireless carriers, use fraud short codes — specialized, internal codes that are not customer-facing — to detect, flag and block suspicious transaction patterns or messages in real time.

These codes can trigger alerts for potentially fraudulent activities such as unauthorized logins, unusual transfers or phishing attempts via SMS. For IT leaders, fraud short codes are a critical component of a broader fraud detection and response strategy. They enable faster mitigation by automating the identification of high-risk behaviors across digital channels, reducing manual review overhead and improving response times.

Click the banner below to keep reading stories from our new publication, BizTech: Financial Services.

btfs-q225-lp-animated-introducing-cta-desktop_2 (2) (1)_0.gif

btfs-q225-lp-animated-introducing-cta-mobile (1) (1).gif

What Are Fraud Short Codes and How Do They Help Stop Scam Texts?

Fraud detection platforms use machine learning (ML) models and business rule engines (BREs) to detect and prevent criminal activities related to money movements, Gartner notes.

These platforms are used by banks to determine the risk associated with events such as payments. A high risk score can initiate a further review to determine whether it’s a true positive (fraud) or a false positive (not fraud). Platforms ingest and monitor data from various sources, then analyze it to identify high-risk events and anomalies that deserve a closer look.

The systems examine metadata related to the device and user; then, in combination with historical data and other models, they can determine the risk of real-time events. A high risk score may cause a payment to be automatically rejected, put on hold or flagged for further review.

Modern platforms can monitor all of a customer’s account actions, such as transfers and withdrawals, from multiple sources, such as mobile applications and online banking websites.

Fraud short codes standardize how risky activity is labeled, says T. Frank Downs, senior director of proactive services at BlueVoyant, “so transactions that look different on the surface map to the same underlying fraud type.”

For example, he says, a fraudulent purchase from two different stores will look different on an account statement or in a transaction ledger, but they will both have the same codes attached, indicating they are the same type of fraud.

“Fraud short codes can deliver real-time protection: I’ve seen them reliably stop Office of Foreign Assets Control-prohibited transactions. But they can also create unintended friction,” Downs says.

EXPLORE: A new era of digital banking is powered by AI.

Why Fraud Short Codes Matter for IT Security Teams

Many IT security teams use fraud short codes, Downs says, “because they provide compact, consistent metadata that makes it easier to sort, route and analyze suspicious activity at scale.”

With a clear code attached, IT teams can triage faster, make more consistent decisions and close cases more quickly.

Fraudsters typically exploit the gaps between siloed and poorly integrated security and fraud systems. The fragmentation of these systems makes it difficult for banks to get a big picture view that would help them eliminate the causes of fraud, according to the Gartner report. Security solution providers are responding to this by positioning themselves as one-stop shops with well-integrated solutions to eliminate these gaps.

Newer fraud detection systems ensure that a bank’s fraud analysts and data scientists can see the larger picture of fraud, including patterns, relationships, spikes and clusters that indicate changing trends and the true sources of a crime. Without this perspective, Gartner notes, fraud detection teams are often stuck playing whack-a-mole, dealing with one attack at a time.

$470 million

The amount U.S. consumers lost to text scams in 2024

Source: ftc.gov, “Top text scams of 2024,” April 14, 2025

To Integrate Fraud Short Codes Into Your Detection Strategy

IT security teams can “create more comprehensive profiles specific to different malicious actors” by analyzing fraud code types, frequencies and locations, Downs says.

“The teams can quickly recognize the actions of specific threat actors and deploy tailored and actionable threat responses, providing greater protection to the company and the clients,” he says.

Modern fraud detection platforms must be able to ingest data from numerous cybersecurity and other systems, according to Gartner. This includes risk signals from device IDs, location intelligence and behavioral biometrics, all of which are essential for a comprehensive view of risk.

Consolidating threat detection capabilities in a small set of strategic vendor partners ensures that solutions are better integrated, helping to close the gaps that criminals have exploited in the past, Gartner notes.

The core of the strategy is a decision engine that uses a combination of ML models and BREs to calculate a risk score for each transaction, according to Gartner. A high risk score on a transaction can automatically put it on hold or escalate it for human review, preventing possible fraud from taking place.

UP NEXT: Five techniques for AI abuse and filter bypassing.

Best Practices for Managing Fraud Short Codes at Scale

How do IT leaders manage this at scale?

Instead of checking system performance every few months, modern fraud detection platforms should be monitored and adjusted at least weekly, if not daily, according to Gartner. A customizable dashboard can track key performance indicators such as detection rates, accuracy and the average time to resolve a case.

Additionally, organizations are increasingly turning to automation to counteract the cost of hiring more investigators to deal with the rising volume of financial crime.

Vendor-supplied tools can augment staff capabilities by automating workflows, providing artificial intelligence (AI) assistants and prepopulating reports to boost efficiency and consistency, Gartner notes.

Due to the rapid evolution of fraud, IT teams are finding that ML models need to be retrained more frequently. Modern fraud detection systems proactively suggest changes to business rules or ML features, the report notes. Some systems can automatically make minor changes, while others pause for a human decision, which can be deployed quickly with minimal coding.

Click the banner below to learn data governance strategies that help with artificial intelligence initiatives.

Benefits and Drawbacks of Fraud Short Codes

These codes have a number of major benefits, but they aren’t without their drawbacks.

Benefits include:

Real-Time Threat Detection: ML models and BREs can be used to detect and prevent criminal activities in real time.
Automated Response Capabilities: A high risk score can trigger a temporary hold or decline until a case is resolved, which is a key automated response, Gartner notes. This allows banks and other organizations to take immediate action to prevent financial loss.
Improved Customer Communication: Modern platforms can monitor a customer’s account actions from multiple sources. This provides the necessary data to communicate with customers about suspicious activity, allowing them to verify or deny transactions.
Support Compliance and Audit Efforts: The European Union’s Digital Operational Resilience Act is now triggering a standard approach for reporting fraud incidents. Platforms that include a case investigation module can create a report with an audit trail, which helps with compliance and provides documentation for how decisions were made.
Cross-Channel Coverage for Better Visibility: Modern platforms can monitor account actions from multiple sources, including online banking websites, mobile apps and ATMs. This holistic approach helps analysts gain a broader perspective.

There are also drawbacks, including:

False Positives and Alert Fatigue: A key challenge is balancing detection and accuracy, the Gartner report notes. While 100% detection is possible, it generates too many false positives to be useful. Gartner advises avoiding the generation of false positives by gathering data that allows systems to “green flag” behavior (such as the purchase of a new home or the sale of a car) that is atypical for a customer but is legitimate and not fraudulent.
Limited Context: A 2024 Deloitte report on AI-enabled fraud notes that many traditional detection methods can be overwhelmed by sophisticated, rapid attacks such as deepfakes and synthetic identities.
Vulnerability to Spoofing and Social Engineering: There is a clear distinction between fraud that involves computer hacking and fraud that relies on deception, such as social engineering. These types of scams are fundamentally different from online fraud attacks such as account takeovers. A system focused on transaction patterns may be vulnerable to schemes that manipulate the user.