Telstra is responding to a surge in scam messages on its network with a filter designed to block the texts before they reach mobile devices.
Scammers have been increasingly targeting Australians with dodgy malicious texts that employ a range of clever gambits to trick people into handing over sensitive information — even to send money.
According to the Australian Competition and Consumer Commission's (ACCC) ScamWatch, last year Australians lost $100 million to phone scams — that's calls and texts — up from $48 million in 2020.
Telstra says reports of malicious texts to Android devices increased from 50 in 2020 to 11,000 the following year.
In the past year, it says it has blocked more than 100 million scam calls.
So, how does the scam SMS filter work and why has it taken so long for text messages to get a technology that email has had for years?
Filter automatically scans text content and origin
Telstra hasn't said exactly how the technology works, other than it automatically scans text messages for suspicious content and characteristics.
In a post on its website announcing the filter, Telstra said:
"We're applying knowledge of what scam text messages look like to block them at the network level.
"Automatic machine scanning picks suspicious content such as malicious links and combines this with other patterns and characteristics such as the time, sender, the number of messages sent and the recipient."
It's also not yet clear how effective the filter will be.
Telstra says it's been testing the feature in a pilot program with 2,500 employees for the past three months, and participants reported "a reduction in the number of scam SMS messages they received".
Other networks overseas have reported success with anti-scam filters.
EE, a UK telecoms provider, introduced an anti-spam filter in July 2021.
In the three months that followed, it blocked more than 42 million spam and scam texts and saw an 85 per cent drop in customer reports of scam SMS.
Paul Haskell-Dowland, an expert in computing and security from Edith Cowan University, said the filter would work like the ones that sift spam from your email inbox.
"It will look at volumes of messages to see if thousands of messages are originating from one mobile phone number," he said.
"And it will look at the content of the message and determine whether it's a format it's seen before and classified as spam."
Messages that prove hard to automatically classify may be manually checked, he added.
If that happens, Telstra said, "the details of the recipients will remain masked".
Why has it taken so long for text messages to get a spam filter?
Though welcome, Telstra's spam filter is an "incredibly late decision", Professor Haskell-Dowland said.
More than a decade ago, email spam clogging up inboxes was having a "very real impact" on business, whereas the recent surge in malicious SMS has generally been an "end-user problem" — that is, a problem for individual customers, but not for businesses themselves.
Eventually, however, mounting public and government pressure has led to telecoms providers doing something about the problem, Professor Haskell-Dowland said.
"I suspect there wasn't the commercial drive to address the problem," he said.
In December 2020, the Australian Communications and Media Authority (ACMA) established an industry code aimed at reducing the number of scam calls.
The Reducing Scam Calls code, developed in partnership with the telco industry, sets out processes for identifying, tracing, blocking, and otherwise disrupting scam calls.
It was a direct recommendation of the ACMA's Combating Scams Action Plan, published in November 2019.
That plan included a proposal to develop enforceable obligations for telco providers to "implement and update SMS filtering technology" by the second quarter of 2020.
The ACCC has welcomed Telstra's announcement of an anti-spam SMS filter.
"The ACCC is pleased to see providers making steps to meet their obligations under the Reducing Scam Calls Code," a spokesperson said.
"We will continue to monitor the rates of text messages scams received by the public to gauge the effectiveness of the measures."
How bad is the spam surge?
The ACCC's ScamWatch saw a 124 per cent surge in SMS scam reports in the 12 months to February 2022.
In that period, reported financial losses from SMS scams increased more than fivefold.
The real figure is probably higher, an ACCC spokesperson said.
"From previous research the ACCC has undertaken, under-reporting is prevalent across all scam types, so we can only assume that there are many more people being affected by these scams and are not reporting them."
Losses from SMS scams are dwarfed by those from phone calls.
Of the $100 million Australians lost to phone scams in 2021, SMS scams accounted for 10 per cent.
The pandemic has seen more people working from home and becoming isolated from those around them, which has made them vulnerable to scammers, experts say.
Will this stop politicians from sending me election text messages?
The last federal election saw Clive Palmer send unsolicited texts to millions of voters as part of his campaign.
With another election soon to be announced, you may be wondering if the new filter will stop these texts, or those from another politician or party.
The short answer is that it won't, Professor Haskell-Dowland said.
Federal legislation governing spam via electronic communications has an exemption for political campaign material, so long as it's not of a commercial nature.
"The Clive Palmer messages fall into the category of electioneering, so it's perfectly legal to send out what many would consider to be spam messages."
What if I'm not with Telstra?
If you're with a third-party provider that uses the Telstra network, your messages may still be filtered, depending on the agreement between Telstra and the provider.
Third-party providers are those that offer a telecoms service but don't have their own physical network infrastructure — instead, they piggyback on one of the Telstra, Optus or Vodafone networks.
If you're with Optus or Vodafone, it's likely you'll soon have a spam filter too, Professor Haskell-Dowland said.
"I think what we'll see is a cascade effect, now that one major provider has introduced a filter.
"Over time this will become the norm, much as it has done with email."
A Vodafone spokesperson said the company introduced a "sophisticated SMS firewall" in 2020.
“Our system has blocked more than 522 million scam text messages in the past year alone," they said.
"In the same period, we have also identified and blocked more than 26 million scam calls from reaching our customers."
Optus said it already had "advanced filtering and machine learning in [its] SMS systems".
"While we don't talk publicly about our security measures, we are pleased more of the industry is now implementing similar systems," a spokesperson said.
"Since December 2020, Optus has already blocked more than 230 million scam calls."