Aussie bank makes clever move to stop sneaky new text scam
A sneaky new texting scam is deceiving thousands of Australians but one company has come up with a way to stop them in their tracks.
Hacking
Don't miss out on the headlines from Hacking. Followed categories will be added to My News.
A major Aussie bank has brought in new technology to fight fast-evolving scams that are ripping billions of dollars off everyday consumers.
Australians reported more than $2bn lost to scams in 2021/22 and forecasts predict this figure will jump to $4bn before the end of this financial year.
The latest scam gaining traction uses completely legal, freely-accessible technology to send text messages that appear to come from legitimate companies.
“You would have received a text with a link in it saying you owe money or a fine that you need to pay,” NAB Executive for Group Investigations and Fraud Chris Sheehan told the NCA NewsWire.
“People have been receiving text messages that for all intents and purposes look like they’ve come from NAB – they say NAB in the contact section but it is criminals using the technology.”
NAB is now placing bank phone numbers on the ‘Do Not Originate’ list to help reduce scam calls impersonating NAB numbers. The bank has also added additional protections to reduce scam messages appearing in legitimate bank text message threads.
“We are working with the telecommunication providers to make it much more difficult for the scammers to use the spoofing technology to replicate NAB’s phone number,” Mr Sheehan said.
But Mr Sheehan has called for a co-ordinated, national response to address the issue as criminal gangs look to find loopholes in the system and new ways to scam individuals.
Australians are becoming increasingly familiar with these type of text scams including the “Hi Mum”, TOLL Notice and ATO scams that gained notoriety late last year.
How do these text scams work?
Authorities are calling this particular text scam, “spoofing” which basically includes any scam where a criminal pretends to be a trusted brand or government agency to pressure an individual to provide personal information or make a payment.
“Spoofing is a text message in which criminals misrepresent a phone number,” Mr Sheehan said.
The criminal uses “alpha-tag” technology – which makes a text message appear to be from a legitimate sender by automatically registering a mobile number with a word or acronym, like for example “NAB”.
“When I’ve spoken to people who have fallen victim to this, inevitably one of the things they say is that NAB has been hacked,” Mr Sheehan said.
How is NAB stopping these scams?
Mr Sheehan said scams have become the number one priority for major banks across Australia, with NAB establishing four teams currently targeting scammers.
As for spoofing scams, they are working with telecommunication providers to nip the scam in the bud before it reaches customers.
The move to the ‘Do Not Originate’ list in late December has already resulted in a 50 per cent reduction in these types of spoofing cases, leading to a 70 per cent reduction in customer losses.
“One observation I would make is while we have had great co-operation from the telcos and they have moved as quickly as they can, there is no central, overarching legislative requirement,” he said.
“We are very much reliant on them acting voluntarily across the entire industry.”
Mr Sheehan did warn however that scammers are evolving at an incredibly fast pace to implement new scams.
These are transnational serious crime groups that are doing this,” he said.
“All they do all day is look for vulnerability gaps and opportunities.
“It is our top priority to do everything we can to protect our customers from scams and I know for other banks too it is taking up a lot of their time.”
Top tips for avoiding spoofing scams
1. Ring the mobile number on the official website
If you get a text message from any company, and it doesn’t seem right, you can find the official contact number on the company’s website and call them to verify the scam.
“Criminals can still send spoof texts and may have a variant that looks like NAB, so people need to remain really vigilant,” Mr Sheehan said.
2. Never click on links
“Do not click on any link in a text message,” Mr Sheehan said.
Clicking on the link may lead you to a website that mimics the brand and may ask you to pay money or provide personal details.
3. Remember: Banks will never text to ask for money
“We’re never going to ring someone or text someone and ask them for money, we will never do that,” Mr Sheehan said.
To make matters worse, if the customer makes an authorised payment, they may not be eligible for a refund.
“The great tragedy of these things is that if the customer makes the payment themself, they pass all the authentication codes,” Mr Sheehan said.
“If it’s classified as an authorised payment they may not be eligible for reimbursement.
“Leave your money in your account.”
Originally published as Aussie bank makes clever move to stop sneaky new text scam