The Australian Communications and Media Authority (ACMA) has taken action against three telecommunications providers after compliance failures were used by scammers to impersonate Medicare, Australia Post and road toll companies.
Chair of ACMA, Nerida O’Loughlin said the Authority found Sinch Australia, Infobip and Phone Card Selector allowed SMS to be sent using text-based sender IDs without sufficient checks to ensure they were being used legitimately.
Text-based sender IDs can be used by scammers to pose as legitimate organisations such as Government Agencies, banks and road toll companies.
Ms O’Loughlin said Infobip allowed 103,146 non-compliant SMS to be sent, which included scams impersonating well known Australian road toll companies, while Sinch allowed 14,291 non-complaint SMS, which included Medicare and Australia Post impersonation scams.
She said Phone Card was also found to have inadequate systems in place to comply with the rules, however there was no evidence that scammers exploited the opportunities it created.
“While there is no suggestion the telcos were involved in scam activity themselves, scammers have used their failures to prey on Australians,” Ms O’Loughlin said.
“This wouldn’t have happened if the companies had adequate processes in place and complied with the rules,” she said.
“Scams that impersonate reputable organisations can be particularly hard for consumers to recognise and there’s no telling how much damage could have been done as a result of these scam texts.”
Ms O’Loughlin said the investigations showed scammers would readily take advantage of vulnerabilities created by telcos.
She said ACMA had issued Sinch and Infobip with formal directions to comply with the obligations, the strongest enforcement action available for code breaches, while Phone Card had been given a formal warning.
