Over 166,000 scam reports were registered in the first nine months of the year, according to the ACCC’s Scamwatch.
The rising reports of scam-related incidences has drawn Telstra’s attention. As part of its Cleaner Pipes programme, Telstra claims detecting and blocking more email and SMS and phone call scams with more filters than ever.
According to Scamwatch, email is the third most commonly reported mode of attack (33,287 reports) after phone (51,234) and SMS scams (50,947).
What scams does Telstra block?
Common scams are emails containing malware attachments, invitations to hand over sensitive information, and impersonation designed to trick users into sharing personal or sensitive information (including banking and credit card details).
As Australians become savvier, email attacks are also becoming more convincing. Recently, more bank scams, fake toll road scams and fake job offer scams are appearing in a bid to lure new victims, Telstra said.
How the technology works
So how does Telstra protect its customers from email scams? Here are the ways it implements its systems:
1. Reputation list filters – these are a big list of known “bad actors.” Telstra filters all email through these lists and if a delivery is attempted from a known suspicious source, it’s blocked before ever reaching Telstra’s email network.
2. Malicious attachment scanning – this is like an anti-virus software that all incoming email attachments get put through to check for potential viruses that could infect the recipient’s device. If one of these gets flagged, the email and attachment gets blocked.
3. Malicious link scanning – almost a combo of both list filtering and attachment scanning, Telstra checks any URL links in emails to see if they direct to a known scam website.
Suspected email scams are sent to the user’s junk folder.
Telstra does not block commercial messages from banks and other large businesses, government departments, emergency alerts and Telstra applications.
If spam or a suspected scam makes it through to the user’s main inbox, users can mark it as spam to improve Telstra’s filters.
Telstra advises users what to do if they spot a suspicious email:
1. Don’t reply to the email or open the links. If you accidentally click on a link before verifying it, don’t enter any information onto the website.
2. Pay close attention to the sender’s email address and any links in emails for anything that doesn’t look legitimate. It’s important to know the address can still be faked on some occasions, so make sure you double check another way too.
3. If you suspect an email is a phishing email and it contains information like an account number, cross check whether the details correspond with details on a previous official email or with MyTelstra for Telstra customers.
4. Be suspicious of unaddressed or generically addressed emails.
5. Finally, just listen to your gut. If something looks wrong or feels wrong – like typos across the text, colours that don’t seem quite right or an unexpected request for information – double and triple check it.
While Telstra’s filters protect customers from unwanted and malicious emails, they are not foolproof, Telstra admits.
Criminals evolve and find new ways to operate scams so users need to be alert to suspicious messages.
This first appeared in the subscription newsletter CommsWire on 29 November 2022.