Five SMS service providers have been slapped on the wrist for allowing scammers to impersonate brands and send millions of texts, and putting public safety at risk.
SMS Broadcast, DirectSMS, Esendex Australia, MessageBird and Message4U - better known as Sinch MessageMedia - cumulatively sent 50 million texts that were in breach of anti-scam laws.
The Australian Communications and Media Authority found the companies did not undertake appropriate checks necessary to ensure the outgoing texts were not scams.
Two of the telcos failures allowed scammers to pose as well-known brands and government services and send more than 1.2 million impersonation texts, while Esendex sent at least 99,000 scam texts.
Authority member Samantha Yorke said the telco's behaviour was unacceptable, especially when Australians lost more than $25 million to SMS scammers in 2023.
"Scammers will always look for cracks in systems and if even one telco fails to have its compliance in order, it can open the door for scammers to target Australians," she said.
"The impact on individuals and families can be truly devastating."
These same companies also failed to forward customer information to the Integrated Public Number Database, which could have hindered emergency services.
Triple-zero uses the database to locate people during an emergency, send alerts during natural disasters and help law enforcement activities.
"While we are not aware anyone was harmed due to the breaches, it is deeply concerning so many telcos failed to comply with these critical obligations," Ms Yorke said.
In response, the authority has taken the strongest action it can for breaches of this nature and formally directed the telcos to comply with industry codes.
