# The WeDDa framework for preventing smishing and vishing using protocol agnostic cryptographic trust

**Authors:** Mahmoud F. M. Salem, Ehab K. I. Hamad, Mohsen A. M. El-Bendary

PMC · DOI: 10.1038/s41598-026-38539-y · Scientific Reports · 2026-03-03

## TL;DR

WeDDa is a new framework that prevents smishing and vishing attacks by using cryptographic verification to stop identity spoofing at the source.

## Contribution

WeDDa introduces a protocol-agnostic cryptographic trust framework that enforces verified identity attestation to prevent spoofing attacks.

## Key findings

- Laboratory simulations showed WeDDa can block all spoofing-based attacks without misclassifying legitimate calls.
- The framework is protocol-agnostic and can be integrated into existing and future telecom infrastructures with minimal cost.
- It introduces a scalable blueprint for secure digital ecosystems resistant to identity impersonation attacks.

## Abstract

The global telecommunications infrastructure remains vulnerable to caller identity spoofing, fueling multi-billion dollar smishing and vishing epidemics due to an architectural absence of cryptographic verification. Current detection-based paradigms are inherently reactive, allowing attacks to reach end-users. This paper presents WeDDa: A unified protocol-agnostic Cryptographic Trust Framework for Preventing Smishing and Vishing Attacks Through Verified Identity Attestation, which implements a unified cryptographic trust approach integrating existing attestation mechanisms into a protocol-agnostic, mandatory enforcement layer. By implementing gateway-level cryptographic attestation, our framework creates a verified namespace that systematically reduces identity spoofing at its source, under defined deployment assumptions. Its protocol-agnostic design suggests universal applicability, providing a scalable blueprint deployable across current and next-generation (e.g., 5G, 6G) national infrastructures. Our large-scale laboratory simulations, modeled on Egypt’s telecommunications infrastructure, demonstrate proof-of-concept effectiveness. Under controlled conditions, it blocked all simulated spoofing-based attacks without misclassifying legitimate calls with negligible latency. These laboratory simulations results indicate feasibility for preventing identity spoofing; however, real-world validation through pilot deployments is required. Critically, the framework is inherently integrable, requiring no end-user device modifications and imposing minimal additional cost for adoption into existing core networks (SS7, VoIP), emerging standards (5G), and future frameworks (6G). This paper presents a unified protocol-agnostic framework validated through simulation to telecommunications identity spoofing prevention and a foundational trust layer for secure digital ecosystems, establishing a blueprint for networks intrinsically secure against protocol-level impersonation attacks.

## Full-text entities

- **Genes:** SIM2 (SIM bHLH transcription factor 2) [NCBI Gene 6493] {aka HMC13F06, HMC29C01, SIM, bHLHe15}, VEZF1 (vascular endothelial zinc finger 1) [NCBI Gene 7716] {aka CMD1OO, DB1, ZNF161}, NEGR1 (neuronal growth regulator 1) [NCBI Gene 257194] {aka DMML2433, IGLON4, KILON, Ntra}
- **Diseases:** COVID-19 (MESH:D000086382), IDS (MESH:D016532), behavioral anomalies (MESH:D001523), anxiety (MESH:D001007), anomaly (MESH:D000013), HSM (MESH:C538399)
- **Chemicals:** IP (MESH:C041508), 3GPP (-), salt (MESH:D012492)
- **Species:** Homo sapiens (human, species) [taxon 9606], Methanosarcina barkeri (species) [taxon 2208]

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12957470/full.md

## Figures

14 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12957470/full.md

## References

51 references — full list in the complete paper: https://tomesphere.com/paper/PMC12957470/full.md

---
Source: https://tomesphere.com/paper/PMC12957470