Excitements, confusions and frustrations

Knowledge without action is wastefulness and action without knowledge is foolishness. - Al-Ghazali

SMS scams in Japan

Posted at — May 3, 2017

Japan has unique take on how to deal technology. Once it was leading world with its robots and electronics. But it was too much focused on local market, that it became “Galapagos island” (e.g. Japanese feature phone, ガラケー). This issue is not specific to hardware. Issue exists with software products of Japanese companies as well.

It has been a while since I wanted to write about this subject. In Japan, just like other countries, everyone has mobile phone. And every one of mobile operators provide an email address. Those email addresses are almost an identity of an individual. Having an email address from large mobile operator is required in lots of places. For example, some banks require it when opening bank account. Or some online shopping websites require it for ordering.

It is basically MMS service linked to and email, but you still need to pay extra to have that email address, while it has less features than standard email.


Biggest issue I had with those email addresses is “spam messages”. This is formed of following problems:

Mail address leaking problem is common with rest of the world. There are businesses (illegal, obviously) that only specialize in collecting email addresses. But “spam filtering” is a solvable problem that I can’t believe mobile providers like Softbank still hasn’t solved.

Email addresses

When exchanging contact information, it’s more common in Japan to exchange email addresses than phone numbers. However, because of spam emails, some people simply use randomly generated email by the provider. So when they share their email with others it is painful to write them down, because they are randomly generated string. Almost 90% of the time, NFC is used for exchanging emails. And your address book starts to look like list of spam emails.

Spam filtering

I use Softbank. And Softbank has really limited settings for spam filtering. By filtering I mean blocking, not moving to spam folder. There is no spam folder. You can create a folder, but you need to move messages by yourself. There is “report spam” feature, but it does not work at all. I have reported multiple emails as spam, but it never stopped. In fact, I received email from Softbank, saying something like “try setting your filtering to strong filtering”.

Softbank has weak, default, strong filtering. As a person who would like to keep spams to minimal, I tried to setting it to strong filtering. It looked good in the beginning. But it felt odd, since I almost didn’t receive any message. Turns out setting strong filtering means no emails containing URLs, or no emails if sender is not mobile provider domain. Even worse, international SMSes are also blocked. Although I almost never use SMS, as a foreigner in Japan I would like to be able to receive international SMS.

Basically, Softbank itself almost has no smart, or even average logic based filtering for emails. It is probably just an old email server that was never touched once it worked.

In many cases, it is very easy to differentiate spam emails or fraud SMS. Which makes you think how could possibly this not be blocked. Here is an example. Following fraud message that was announced by city website that it is a fraud is still being received by people.

Simplest form of spam filtering, something like Spamassassin can provide large value to the customer. And I believe they have enough data to train the tool.


Most of emails are just clear jibberish. Only subject sometimes makes sense. Following are some examples with content.

Note: Don’t click on the spam links in the text.

<a href="https://pastebin.com/H9NT0ia0” rel="nofollow>https://pastebin.com/H9NT0ia0

Short investigation

After short investigation, it can seen that even domains of emails sent are different, name servers are common. Blocking domains registered under those name servers can help with filtering as well.

comments powered by Disqus