Telstra clamps down on mobile authentication spam

Telco implements common-sense measures to avoid unwanted SMS spam

Telstra has added anti-spam measures on its mobile validation system following complaints from customers.

The system requires users to validate their handset for use with BigPond Mobile services such as MMS and email by typing their mobile number into a configure page on the Telstra website. The validation system sends an SMS with a unique code to the handset which, once inserted into the website, activates the Bigpond services.

However, until recently the system did not check whether the number input to the website actually belonged to a Telstra service, and had no restrictions on how many times the user could go through this validation process. As a result, several users (including a journalist at Computerworld Australia) complained of having received multiple SMS messages from the service, despite never personally going through the validation service and, in some cases, never having a Telstra service at all.

After delivering the offending SMS to the Australian Communications and Media Authority's (ACMA) new anti-SMS spam hotline and following up with Telstra directly, Computerworld Australia was told by a spokesperson at the telco that the problem had been resolved.

"We think somebody was mistyping their number, and that was why you were getting it," the spokesperson said. "We've now amended the system so that it will validate that it's a Telstra number that's been put in, and it will restrict the number of times that you can request the validation password to be sent."

The ACMA soft launched its new anti-SMS spam hotline to allow consumers receiving spam SMS to send the offending message directly to a mobile number run by ACMA, rather than through an online form.

A source within ACMA said the hotline (0429 999 888) had not yet been officially launched and was currently being trialled among staff and people who regularly complain about SMS spam. However, the service is already being advertised on the ACMA website and consumers can register to use the service. According to the source, it was being set up due to a recent influx of complaints regarding SMS spam, and was being implemented to make it easier than the online forms currently used by the authority.

The Telstra moves follow several high-profile spam cases in recent times.

In March, the ACMA accepted an enforceable undertaking from Virgin Mobile related to breaches of the Spam Act.

The undertaking relates to an 4500 instances of an email sent to Virgin Mobile customers in July who had ‘opted out’ of receiving marketing messages from the company and promoting the benefits of ‘opting in’, according to the ACMA.

The email contained three examples of then recent promotional offers and encouraged customers to opt back in to receiving promotional offers.

In February, Commonwealth Bank subsidiary CommSec was hit with an enforceable undertaking for the alleged sending of commercial messages to customers after they had withdrawn their consent.

According to the communications regulator, CommSec also conducted email campaigns in January, February and March 2009 which did not provide an option to unsubscribe.

Under the enforceable undertaking CommSec has agreed to pay $55,000 and has undertaken to review its compliance systems.

And in November last year, Vodafone Hutchison Australia (VHA) was asked to make a 'voluntary payment' of $110,00 to ACMA for breaches of the Spam Act 2003.

The payment was part of an ‘enforceable undertaking’ which related to breaches of the Act that VHA - along with Coca Cola South Pacific (CCSP), New Dialogue and Big Mobile - made during a marketing campaign that promoted certain Coca-Cola products through SMS.

The ACMA announced it had also issued a formal warning to CCSP and accepted an enforceable undertaking from VHA, which included a financial component of $110,000.

The regulator accepted enforceable undertakings from media agency New Dialogue which includes a fine of $22,000.

Content aggregator Big Mobile also agreed to pay compensation to each recipient of any SMS message that breached the Spam Act during the 12 month term of its enforceable undertaking.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags TesltraspamvhaAustralian Communications and Media Authority (ACMA)CommSec

More about Commonwealth Bank of AustraliaCommSecCSPDialogueHutchisonTelstra CorporationTelstra CorporationVHAVirgin Mobile AustraliaVodafone

Show Comments