The scourge of SMS scams is proving a knotty problem for Australian telcos despite their success in reducing the number of scam phone calls people receive.
The Australian Competition and Consumer Commission’s Scamwatch says that between 1 January and 13 November this year, reports about phone scams decreased by 61% from 135,400 in 2021 to 57,400 this year.
The reduction is being credited to the scam calls code the industry brought in to identify, block and trace incoming calls from scammers in 2020.
More than 549m calls have been blocked by telcos since the scam code was introduced.
A similar code was introduced to block scam messages in July this year, but there has yet to be a similar drop.
While there was a reduction in the number of reports since July, scam SMS reports are up 5% from January to mid-November.
The consensus among industry sources is that SMS scams are more difficult because scammers know how to change what they do and get around the blocks.
But the telcos are working on it. A spokesperson for Optus said more than 10m scam SMS had been blocked between July and September this year.
“Optus has been leading the industry with advanced filtering and machine learning in our SMS systems, and while we don’t talk publicly about our security measures, we are pleased more of the industry is now implementing similar systems,” the spokesperson said.
Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup
A TPG spokesperson said the company had blocked around 43m scam SMS a month this year, but that blocking alone wasn’t enough to stop scam SMS messages.
The company has advocated for an industry-operated whitelist whereby businesses would register their sender ID on the list before being able to send messages as that business. It would prevent spoofing of business names in Australia.
“TPG Telecom has long advocated for an industry-regulated SMS origin tag whitelist as well as number management techniques, which could stop a huge proportion of scam texts spoofing legitimate businesses,” the spokesperson said. “Untrustworthy traffic could be immediately reduced if we stopped allowing Australian numbers to originate outside of their home network.”
SMS and phone scams are the top two reported scams to ScamWatch (59,460 and 55,215 reports respectively between January and October this year) but according to Telstra, many more scam emails are being blocked by the company.
The company said it blocked more than 61m scam SMS every month as part of its Cleaner Pipes program, but blocked 332m scam emails on average a month between January and October to Telstra customer email addresses – the equivalent of 7,600 emails every minute.
Telstra’s chief information security officer Asia Pacific, Narelle Devine, said Telstra had been blocking these emails through reputation lists to block out bad actors, attachment scanning for potential viruses, and scanning links to see if they were malicious, or direct users to a known scam site when they were clicked on.
ScamWatch puts email scams as third-most reported at 39,181 so far in 2022.
From January to October, ScamWatch said, Australians had reported losses of about $475m to scams, with investment scams topping $321m.