Several telcos failed to comply with requirements that prevent scammers sending misleading SMS messages, according to the Australian Communications and Media Authority (ACMA). An ACMA investigation found that 103,146 non-compliant messages were sent using Infobip’s services, including scam texts that impersonated some of Australia’s best-known collectors of road tolls. Sinch also received criticism for allowing 14,291 non-complaint texts to be sent, including scam messages designed to appear as if they came from Australia’s Medicare program and from its postal service.
Infobip and Sinch were each issued with a formal ‘direction to comply’, which is effectively an order to do what they should have been doing anyway. Neither business was fined but the implication is that they may be fined if they do not remedy their failings.
A third telco named Phone Card was also found to be in breach of the anti-scam rules but there was no evidence of them carrying any scam messages as a result. Phone Card received a formal warning instead of a direction to comply.
The Australian regulations mandate that telcos only originate SMS messages on their networks if the A-party has shown they have the right to use the originating number or a valid use case for the alphanumeric sender ID. Sinch failed to comply with the obligations for both the originating numbers and the alphanumeric sender IDs. Infobip and Phone Card did not satisfy the requirement for alphanumeric sender IDs.
ACMA Chair Nerida O’Loughlin emphasized that the telcos were not directly engaged in scamming the public but had not taken ‘adequate’ steps to protect Australians from scams.
While there is no suggestion the telcos were involved in scam activity themselves, scammers have used their failures to prey on Australians. This wouldn’t have happened if the companies had adequate processes in place and complied with the rules.
The ACMA press release, which contains links to the detail of their investigations and the enforcement action they took, can be found here.
