ACMA cracks down on three telcos for allowing SMS scams

ACMA cracks down on three telcos for allowing SMS scams

More than 100,000 Australians have received fake texts from scammers impersonating organisations like Medicare and Australia Post after three telcos failed to follow compliance rules overseen by the Australian Communications and Media Authority (ACMA).

Investigations by the agency found that sim card providers Sinch, Infobip and Phone Card Selector allowed SMS to be sent using text-based sender IDs without sufficient checks to ensure they were being used legitimately.

Infobip allowed 103,146 non-compliant texts to be sent, which included scams impersonating Australian road toll companies. Sinch allowed 14,291 non-compliant texts to go through, including Medicare and Australia Post impersonation scams.

While Phone Card Selector was also found to have inadequate systems in place to comply with the rules, there was no evidence scammers exploited the opportunities it created.  

The ACMA has given Sinch and Infobip formal directions to comply with the obligations, the strongest enforcement action available for code breaches. Phone Card Selector has been given a formal warning.

Telcos may face penalties of up to $250,000 for breaching ACMA directions to comply with the code.

This screenshot is an example of the sorts of scams Australians have been receiving.
This screenshot is an example of the sorts of scams Australians have been receiving.

 

ACMA chair Nerida O’Loughlin said the investigations showed scammers will readily take advantage of vulnerabilities created by telcos.

“While there is no suggestion the telcos were involved in scam activity themselves, scammers have used their failures to prey on Australians. This wouldn’t have happened if the companies had adequate processes in place and complied with the rules,” she said.

“Scams that impersonate reputable organisations can be particularly hard for consumers to recognise and there’s no telling how much damage could have been done as a result of these scam texts.”

Text-based sender IDs can be used by scammers to pose as legitimate organisations such as government agencies, banks and road toll companies. Under the Reducing Scam Calls and Scam SMS Code, Australian telcos must obtain evidence from customers that they have a legitimate reason to use text-based sender IDs (such as business names) in SMS.

The federal government announced two weeks ago it will provide more than $10 million to launch Australia’s first SMS sender ID registry to prevent offshore scammers from impersonating trusted brands and government agencies.

“This initiative will help close a key vulnerability used by scammers. The ACMA looks forward to working with industry and trusted brands as we implement this new protection,” O’Loughlin said.

Today’s action from the ACMA also comes more than a year after the nation’s consumer watchdog announced it would be taking Facebook’s parent company Meta to Federal Court, alleging the social media platform “aided and abetted” scam cryptocurrency ads.

Get our daily business news

Sign up to our free email news updates.

 
Unpacking equity: Finding your funding fit
Partner Content
Armed with a growing business and a great opportunity, a business owner’s next challe...
Australian Business Growth Fund
Advertisement

Related Stories

Here's why Meta could be found liable for celebrity crypto scam ads

Here's why Meta could be found liable for celebrity crypto scam ads

On the last day of his 11 years as chair of the Australian Competit...

“This is disgraceful”: ACCC takes Meta to court over misleading crypto ads on Facebook

“This is disgraceful”: ACCC takes Meta to court over misleading crypto ads on Facebook

The nation’s consumer watchdog is taking Facebook’s par...

Forrest in landmark criminal action against Facebook over crypto scams

Forrest in landmark criminal action against Facebook over crypto scams

Australian mining entrepreneur Andrew ‘Twiggy’ Forrest ...