From 1 July, Australian consumers may notice a small but important change in the texts they receive from businesses and organisations, including messages from their customer-owned bank.
The change is part of new anti-scam protections being introduced by the Australian Communications and Media Authority (ACMA) to make it harder for scammers to impersonate trusted brands.
What’s changing?
Starting in the new financial year, organisations including customer-owned banks will be required to register their sender IDs in line with new anti-scam rules coming in force. This means registering their sender IDs in ACMA’s SMS Sender ID Register, so the name reflected at the top of SMS is the respective bank’s name.
With scammers increasingly embedding fake messages in genuine company SMS threads to trick consumers into clicking suspicious links, the Sender ID Register will help people identify authentic messages from their bank.
“The SMS ID register allows customer-owned banks to clearly identify themselves when sending texts to customers. This is important when it comes to texts involving account alerts, delivery updates, security codes and other important bank communications,” explained COBA’s Head of Financial Crimes and Cyber Resilience Martin Latimer.
“Sender ID must be clearly linked to your customer-owned bank. This helps reduce the risk of confusion or impersonation,” he added.
Banks who don’t register their sender ID will find their text messages labelled as ‘Unverified’ and may be grouped with other ‘Unverified’ messages, such as scam messages.
Examples of what unverified messages will look like from 1 July has been provided by ACMA here.
Why this matters
The necessity of registering the sender ID, with branding at the top of the message (such as ‘AusPost’, ‘ATO’, ‘myGov’), means consumers can be more confident these messages are from who they say they are from.
“There’s specific criteria needed to register for a sender ID, which may be useful if consumers are in doubt about the validity of a text purporting to be from their customer-owned bank,” Latimer explained.
However, it’s important to know that these changes will apply to SMS only. This means it will not apply to texts from phone numbers or messaging apps such as WhatsApp, iMessage and Facebook Messenger.
While this is an important initiative to curb scam activity, this does not mean scammers will no longer try to impersonate real brands in text messages.
“When in doubt, do not click on any suspicious messages. Instead, find the official contact details for the business or organisation yourself, such as their official website or on a bill provided,” Latimer advised.
If you are concerned you shared personal or payment details, contact your bank or financial institution immediately to secure your account.
If you suspect a scam, report the number to National Anti-Scam Centre (NASC) – Scamwatch.