By: Lisa Visentin
Telco companies will intensify their efforts to block scam text messages aimed at defrauding Australians, with regulatory changes enabling them to use more sophisticated technology to stop the messages at scale.
Australians have lost more than $87 million through scam calls and text messages this year, as the number of reports to watchdog website Scamwatch more than doubled since 2020, despite efforts by the federal government to crack down on the issue.
Telstra chief executive Andy Penn said regulatory changes, announced by the federal government on Monday, would allow telcos to get access to a richer set of data and use algorithms and artificial intelligence engines to better identify malicious text messages.
“As you can imagine, there are billions if not trillions of transactions and SMS and calls going across telecommunication networks all of the time, every year. And what we have to try and do is to sift through that and identify those that are malicious, and then block them at their source,” Mr Penn said.
“Today’s initiative gives us access to the ability to do that with much greater precision when it comes to SMS.”
Optus vice president Andrew Sheridan said the rules designed to protect customers also protected criminals but the changes would give the company “much greater flexibility” to block the scammers.
Both executives said their companies were already blocking millions of scam calls and messages each month. Nonetheless, Australians continue to receive a blizzard of unsolicited scam calls from places like Ukraine and Tunisia, and scam SMS such as ones purporting to alert them to parcel delivery.
The particularly pernicious “Flubot” scam, which began circulating in early August and set a new record for the number of complaints received by Scamwatch, duped some Australians out of thousands of dollars. The scam, which targeted android phones with an often misspelt SMS message about a missed call, was used to prompt users to click a malicious link that then harvested personal data and banking details.
Home Affairs Minister Karen Andrews said organised criminals, many of them involved in transnational criminal gangs, were often behind the SMS scams. She said the new regulation would explicitly state the blocking of malicious text messages was necessary for the operation and maintenance of the telecommunication system, but said the scammers were constantly evolving their attacks.
“So over time as more data comes in, the machine learning will make sure that our artificial intelligence escalates and that we will be able to deal in a much more effective way as the scams come through.
“But we also need to be very mindful that the criminals will look at every opportunity that they can to scam Australians.”
Communications Minister Paul Fletcher said the government had already successfully blocked scammers from sending SMS texts that appeared to come from legitimate sources such as the Australian Taxation Office or Centrelink.
But he drew a distinction between SMS scams and the unsolicited spam messages sent by politicians to voters, which are exempt from the Spam Act. Independent MP Craig Kelly, leader of the United Australia Party, has sent multiple spam SMS this year, including one linking to an incomplete report on adverse events connected to COVID-19 vaccines that prompted the Therapeutic Goods Administration to demand he cease.
“We’re talking about two very different categories of activity here. One of these is high volume malicious criminal activity, whereas the text messages being sent [are] in a political context,” Mr Fletcher said. “As we think about the policy settings there we need to think carefully about the implied freedom of political communication in the Constitution, which the High Court has identified.”
Political parties often send blanket messages or phone calls with pre-recorded messages, particularly around election time. In addition to the Spam Act exemption, political parties do not have to comply with the Do Not Call Register and the obligations in the Privacy Act 1988 in how they collect, use, disclose or store personal information. The federal government is reviewing the Privacy Act, including whether the exemption for political parties should be maintained.