How we’re cleaning up SMS for scam safety

For years, Australians have been losing millions to scammers and in have already lost almost $100 million so far this year. The numbers keep going up and all indications point to 2020 being the worst year on record in terms of financial loss.

Andrew Penn · 15 September 2020 · 4 minute read

As Australia’s largest telco we’re acutely aware of the serious threats faced by our customers from scammers and cyber criminals. We block more than a million malicious spam calls on our network each month and a growing number of SMS messages. With a new pilot program announced today, we’re about to do even more to keep our customers safe.

We have been working closely with the Australian Cyber Security Centre (ACSC) and Services Australia to keep scammers out of the SMS channel by introducing a new security measure to block malicious text messages from reaching Telstra customers.

A new pilot program to make SMS safer

In simpler terms, when a text message is sent over our network, using information called “metadata”, we can identify and reject illegitimate phishing text messages impersonating a specified senderID before they reach Telstra customers.

Working with the ACSC and Services Australia, we have created an approved list of official sources associated with particular SenderIDs, like myGov or Centrelink. It means any message with a SenderID that doesn’t originate from an approved source will be stopped from making it through to Telstra customers.

We are currently rolling out Phase One of a much larger project that we hope to scale up in the coming months to protect more organisations and their customers from scammers.

This work also aligns with Australia’s 2020 Cyber Security Strategy (PDF 2.6MB) and the recommendations from the Industry Advisory Panel, which we look forward to helping implement in conjunction with the Government, business, and the community.

Spotting SMS scams

While the methods and techniques of cybercriminals constantly change, cyber risk in reality is just like any other risk. Behind the complexity, cyber-crime is just crime, cyber espionage is just espionage and hacktivism is just activism all by another name.

The challenge is the increasing sophistication and the scale; the ACSC believes that one in three adults has been a victim of cybercrime. The unfortunate fact is anybody who owns a mobile phone, anyone who sends or receives text messages, is now at risk, and that risk has never been higher.

Those who rely on assistance from Australian Government agencies are at particular risk as scammers often impersonate official bodies and agencies to increase their chances at appearing legitimate.

Take this example of a fraudulent text message designed to trick the receiver into thinking it’s a legitimate message from myGov.

The goal is to convince you to click on a malicious link or attachment that the scammers can use to try to steal your money, your personal data, or both.

The point is we are all at risk – anybody with a connected device is a potential target and scammers think nothing about using almost every brand in Australia – including ours – to try and pull the wool over a customer’s eyes.

Helping to keep the internet cleaner

At a time when scammers are taking increasing advantage of Australians experiencing difficulties and hardship due to COVID-19, it’s important that we have their backs.

This new pilot is part of our Cleaner Pipes initiative which includes a range of existing work designed to help keep our users safe from malicious activity online. In May we dramatically scaled up our Domain Name System (DNS) filtering to ensure that we’re proactively blocking and filtering out the millions of malware communications that attempt to cross our infrastructure.

Connected technologies increasingly sit at the very heart of the lives of most Australians. But as we move more rapidly to a digital economy, we need to be more and more cognisant of the growing cyber risks and those who seek to do us harm online.

For more information on staying safe from SMS malware, check out our best practice guide. You can read more cyber security tips on our Telstra Exchange Cyber Security and Safety Hub.

By Andrew Penn

Former Chief Executive Officer

Andy Penn became the CEO and Managing Director of Telstra, Australia’s largest telecommunications company, on 1 May 2015. At Telstra, Andy is leading an ambitious change program transforming the business to be positioned to compete in the radically changing technology world of the future with 5G at its core. Andy has had an extensive career spanning 40 years across 3 different industries - telecommunications, financial services and shipping. He joined Telstra in 2012 as Chief Financial Officer. In 2014 he took on the additional responsibilities as Group Executive International.

Prior to Telstra, Andy spent 23 years with the AXA Group, one of the world’s largest insurance and investment groups. His time at AXA included the roles of Chief Executive Officer 2006-2011 AXA Asia Pacific Holdings, Chief Financial Officer, Chief Executive Asia and Chief Executive Australia and New Zealand.  At AXA, Andy was instrumental in building one of the most successful Asian businesses by an Australian company that was sold to its parent in 2011 for more than A$10bn.

Other directorships & appointments: Member of the Council of Trustees of the National Gallery of Victoria; Board Director of the Groupe Speciale Mobile Association (GSMA); Chairman of the Australian Government’s Cyber Industry Advisory Panel, created to guide development of Australia’s 2020 Cyber Security Strategy; Patron, on behalf of Telstra, of the National Aboriginal and Torres Strait Islander Arts Awards (NATSIAA); Life Governor of Very Special Kids and an Ambassador for the Amy Gillett Foundation. He serves on the advisory boards of both The Big Issue Home for Homes and JDRF.

Recognition and qualifications: MBA (Kingston), AMP (Harvard), FCCA, HFAIPM. Andy has a national diploma in business studies (with distinction), is a Fellow of the Chartered Association of Certified Accountants, holds an MBA from Kingston University and is a graduate of Harvard’s Advanced Management Program. In 2008 Andy was recognised as Insurance Executive of the year in the Australian Banking and Finance Awards and in 2016 he was made an honorary fellow of the Australian Institute of Project Management. In 2018 Andy was named by the Financial Times among the top 10 male leaders globally HERoes list supporting women in business. In 2019 he was named by the Australian Financial Review as among the top 10 most powerful people in business.

How our new device security tool is helping Aussies uncover hidden scams

As the threat of cyber scams persist, our latest research shows that Aussies are changing how they use their smartphones. In response, we’re launching Device Security Essentials – a new free security feature for all Telstra mobile customers, putting greater protection directly into the hands of Australians.

Article 5 minute read
Telstra Scam Indicator - how we're working with CBA to reduce scams

The Scam Indicator is a tool we developed alongside the Commonwealth Bank of Australia (CBA) to help detect and prevent mobile phone scams for joint customers. Here's how it works.

Article 2 minute read
Scammers the ultimate weekend weasels, targeting Aussies when their guard is down

Scammers aren’t letting up, so we’re not backing down either.

Article 6 minute read

How we’re cleaning up SMS for scam safety

A new pilot program to make SMS safer

Spotting SMS scams

Helping to keep the internet cleaner

Topics

By Andrew Penn

Related articles

How our new device security tool is helping Aussies uncover hidden scams

Telstra Scam Indicator - how we're working with CBA to reduce scams

Scammers the ultimate weekend weasels, targeting Aussies when their guard is down