Australia has called out five telcos for sending through bulk SMS that contain scam messages, breaching the country's anti-scam and public safety rules.
The Australian Communications and Media Authority said it had taken action against Message4U, SMS Broadcast, DirectSMS, Esendex Australia, and MessageBird for allowing millions of SMS messages to be sent without sufficient checks to ensure they were not scams.
These SMS messages had used text-based sender IDs, or shortened business names.
Message4U sent through 36.1 million SMS messages, while SMS Broadcast allowed 4.5 million SMS messages to be sent.
Esendex Australia and DirectSMS allowed 6.7 million and 1.6 million SMS messages, respectively, to be sent between July 2022 and June 2023.
MessageBird sent 1.1 million SMS messages in early-2023, ACMA said.
ACMA noted these telcos had allowed through scam SMS messages that impersonated well-known brands and government services.
Specifically, SMS Broadband and Message4U enabled more than 1.2 million impersonation scam texts to be sent to consumers, while Esendex sent through at least 99,000 scam texts.
Also: 6 simple cybersecurity rules you can apply now.
These actions were in breach of Australia's various anti-scam and public safety rules, ACMA said.
ACMA noted that the five telcos also failed to provide customer data to the Integrated Public Number Database, which is used to locate people in an emergency and to send out emergency alerts in the event of high-risk events, such as floods or bushfires.
The database is further used to support law enforcement activities.
Also: Scammers are using AI to impersonate your loved ones.
Yorke said that, while there were no reported or known incidents as a result of the breach, it was concerning so many telcos had failed to comply with their obligations.
The telcos have been formally directed by the ACMA to comply with the Integrated Public Number Database and the Reducing Scam Calls and Scam SMS industry codes, which the authority said is the strongest enforcement outcome available for initial breaches of these codes.
Also: The best VPN services for iPhone and iPad. For breaching ACMA's directions to comply with industry codes, telcos may face penalties of up to AU$250,000, the authority said.
An Australian man in January 2023 was sentenced to jail for more than two years over an SMS phishing scam, during which he stole AU$100,000 and targeted 450 victims.
This Cyber News was published on www.zdnet.com. Publication date: Mon, 19 Feb 2024 11:28:05 +0000