Facing a wave of scams, Spark beefs up its cybersecurity offerings

Telecommunications provider Spark will next month launch a SMS “scam firewall” for its mobile customers which will automatically detect known fraudulent text message content.

The service will sit alongside two filters Spark is implementing to reduce exposure to malware, phishing, and child sexual abuse material.

It comes as CERT NZ, the government cybersecurity team last year brought within the National Cybersecurity Centre, warns that scam campaigns are still coming thick and fast, despite a dip in financial losses in the last quarter of 2023.

CERT NZ reported that $3.6 million was lost to cybercrime, down 24% from the July - September quarter.

CERT NZ Director Rob Pope said that this shows that malicious actors are not giving up.

"Phishing, whether it's via email, text message or phone call, remains the biggest category of all cyber incidents, and one we see on a daily basis," CERT NZ director Rob Pope said yesterday.

"The CERT NZ team deal with hundreds of phishing indicators every week and we know that New Zealanders are being caught out by the increasingly sophisticated campaigns."

But phone and SMS scam calls and messages have proliferated in the last couple of years.

Spark’s SMS scam firewall will be “informed by a global database of confirmed scam content” and is expected to “significantly reduce the amount of scam texts being received by Spark customers” by detecting URLs, phrases, and ‘calls to action’ that are known to be used in SMS scam campaigns, and blocking them, preventing them being received by the customer, Spark claims. 

“For many years, Spark has been monitoring outgoing SMS traffic patterns from our own network in an effort to detect scams, more recently with automation alerting our fraud teams to unusual activity so we can block offending accounts,” says Spark’s sustainability director, Leela Ashford.

“While this has resulted in a significant reduction in scam SMSs sent from our own network, our new filter improves our ability to detect and block this activity coming through to our customers from other mobile networks as well.”

Our large telecommunications providers are all members of the voluntary Code for Scam Calling and Scam SMS Prevention, which was introduced in 2018, and formalises processes and minimum standards in the industry for identifying and blocking scam calls and SMS activity. Australia went a step further in 2022 with the Reducing Scam Calls and Scam Short Messages Code, which similarly requires telcos to identify, trace, and block SMS scams, but is enforceable with fines of up to A$250,000 for breaches of the code.

Spark says it will be the first New Zealand internet provider to implement the Internet Watch Foundation’s URL block list to prevent child sexual abuse material (CSAM) from being accessed and distributed via its network. The list is updated by IWF twice daily. 

Spark runs the GCSB’s Malware Free Networks (MFN) service, which blocks confirmed malicious networks, and has also adopted a service called Brand Indicators for Message Identification (BIMI) on its spark.co.nz domain. 

This, Spark explains, “allows some email platforms to detect whether an email from Spark is legitimate by showing either its trademarked logo or a blue verification tick in the sender section”. 

CERT NZ’s Rob Pople says underreporting of cybercrime incidents and financial losses means the true extent of the impact isn’t fully known.

"There are also individuals suffering from large financial losses to these criminals as well as numerous businesses being targeted with ransomware and email harvesting," he says.

"Some of the wider, catch-all phishing campaigns we are seeing will undoubtedly result in more targeted attacks in the future. Because of this, CERT NZ urges New Zealanders to remain vigilant for incidents."