A 12-month trial using new technology to stop fake SMSs purportedly sent by key government agencies has been deemed a huge success by federal communications minister Paul Fletcher.
He says the trial blocked more than 2500 scam texts appearing to come from government agencies in the past 12 months. In addition, about 210 million scam calls were stopped since December 2020 as a result of the government’s Reducing Scam Calls Code, the minister says.
IT experts say the blocked calls forced scammers to switch to SMSs.
In the SMS trial, scam texts were blocked using a ‘Do Not Originate’ list, which acts as a checkpoint and stops messages that can’t be authenticated as having come from hardware used by, for example, Medicare or Centrelink.
Read: Are scammers using your phone number for fake calls?
Agencies on the Do Not Originate list include: JobSearch, the Australian Tax Office (ATO), Centrelink, veterans’ affairs department, Medicare, My Aged Care, My Health Record, National Cancer Screening Register, National Disability Insurance Scheme and the National Redress Scheme.
Scammers and identity thieves have been bagging bumper returns during COVID with lockdowns and working from home forcing more people online and for longer times. There was also a spike in messages from government agencies while face-to-face services were widely unavailable.
Losses reported to Scamwatch between 1 January and 19 September have already surpassed total losses of $175.6 million reported in 2020.
Australian Competition and Consumer Commission (ACCC) deputy chair Delia Rickard says the average loss so far this year is about $11,000 compared to $7000 for the same period in 2020.
The ACCC’s Scamwatch service says it logged about 4400 complaints about phishing texts last month, up from around 1400 in September last year. Given that only a tiny fraction of scam messages are reported, the spike has set alarm bells ringing.
Read: Cyber threats put banks on high alert
Mr Fletcher says the Do Not Originate trial had worked “very effectively”.
“We think this will greatly reduce the number of scam texts purporting to come from any of the organisations involved,” he says.
“The telcos … will only let a text go through if it comes from one of those authenticated numbers or pieces of messaging infrastructure.”
Mr Fletcher says there has already been a drop off in fake texts claiming to be from Centrelink.
“The scammers have moved on, because the agency is no longer a soft touch,” he says.
He adds that due to the success of the trial, the department has written to NBN Co, Australia Post and the big banks inviting them to join the list.
Earlier this month, the Reserve Bank of Australia (RBA) warned that a significant cyber security attack against a bank was all but “inevitable”.
It said that such an event “could lead to a widespread stress in the financial system” due to a loss of public confidence and that while incidents had been limited to date, “the potential for systemic implications is at some point inevitable”.
“Large financial institutions can devote significant resources to cyber defence, and so are generally regarded as having among the best cyber defences of any companies,” it said in its Financial Stability Review.
“However, given the very large number of attacks, it seems almost inevitable that at some point the defences of a significant financial institution will be breached.”
Read: Delivery and post office text scams drive near doubling of losses
Scamwatch warns that it continues to receive thousands of reports of scam text messages about missed calls, voicemails or deliveries, commonly referred to as Flubot scams.
The text messages ask you to tap on a link to download or access something, Scamwatch says. “There are a large number of variants of the Flubot text messages, but often they ask you to download an app to track or organise a time for a delivery, hear a voicemail message or view photos that have been uploaded. However, the message is fake, there is no delivery, voicemail or photos uploaded and the app is actually malicious software called Flubot.
“If you receive one of these messages, do not click or tap on the link. Delete the message immediately.”
Whether you are ‘as safe as houses’ remains to be seen as scammers tend to be one step ahead, rather than behind, detection efforts.
Do you try to stay up to date on the latest scams? Have you or someone you know fallen for a scam? Are you concerned about the RBA warning to banks? Why not share your thoughts in the comments section below?
If you enjoy our content, don’t keep it to yourself. Share our free eNews with your friends and encourage them to sign up.