Telstra taps Australian cyber cops to block SMS spoofing attacks

As COVID-19’s digital-services surge drives increased fraud, Defence Ministry helps government services agency identify legitimate communications.

whitelisting computer security security oversight admin lockout control by metamorworks getty images
metamorworks / Getty Images

Spoofed SMS messages will be automatically identified and blocked from reaching customers on Australia’s largest mobile network, after dominant carrier Telstra kicked off a pilot program with social-services agency Services Australia that will eventually be extended across the government.

Telstra has been working with the Australian Cyber Security Centre (ACSC) to test and refine the technology, which analyses metadata around SMS messages to detect manipulation of sender ID data.

An ongoing proof of concept has successfully been able to identify and block messages from unapproved senders “almost immediately”, said “really pleased” Telstra CEO Andrew Penn in kicking off the pilot program—which, he said, partners the telecommunications carrier with “key organisations” to identify the legitimate sources of citizen communications, then “block out the malicious relative to the legitimate”.

The Services Australia effort may expand to other agencies

By working with Services Australia to identify certain servers known to be sending legitimate communications, Telstra is able to block other, spoofed messages going to its 16 million mobile customers “with absolute certainty,” said Minister for Government Services Stuart Robert.

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.