But she does put me on to Narelle Devine, Telstra’s chief information security officer, who says the reason it’s so bad right now is because Australia, with help from other nations and Interpol, killed off the flubot scam earlier this year. The thieves, robbers and fraudsters have just moved to a new business model. Exhausting. But Devine says every time we report a scam, it gives her new information to feed the machines, so they know best what to look for.
What’s her number-one golden rule for fending off these attacks? Whether it’s love or money, if it’s too good to be true, it probably is. And I thought Yo had trust issues.
Scamwatch, run by Australia’s consumer watchdog, the ACCC, has an impressive and depressing list of the latest scams – from rare ferret sales to Afterpay verification codes, from banks you’ve never banked with to texts asking you to click on a link to confirm an order you never made. The most disrespectful of all time – texts pretending to be from Australia Post with the URL AustraliaPostDelay. As if Australia Post would ever admit to delays in a URL.
Delia Rickard, the ACCC’s deputy chair and queen of Scamwatch, has her own personal way of avoiding scams. She hasn’t picked up her home phone in years. She talks to everyone about how scams work. Both of her kids from her. Friends and family. Rickard’s mum fell victim to a social security scam because the fraudsters played on the anxiety around pensions. Honestly, these people are just the worst. And it is hard to get ahead of organized criminal behaviour. These kids aren’t in a basement looking to rip you off once.
“It’s an arms race. We find new ways to stop them and they find new ways to get around them.”
I ask her what she thinks about Telstra’s anti-spam technology. Mostly I ask her this because the ACCC has spent a lot of time clobbering Telstra, quite rightly, but she’s very on-board. She says Telstra is the market leader in spam-blocking.
What can we do? Trust nobody. What can telcos do? Be more like Telstra (even though I am a devoted and long-standing customer, that’s something I never thought I’d write). And what can banks do? Make it possible for us to see exactly where our money is being directed, says Paul Haskell-Dowland, a cybersecurity expert at Edith Cowan University. PayID is a good example. He’s also very pro-reporting on what happens to you if you get scammed.
There’s no shame, he says. Reporting it quickly sometimes makes it easier to get your money back.
But the best defense is to lack trust in everyone. Even your kids.
The Opinion newsletter is a weekly wrap of views that will challenge, champion and inform your own. Sign up here.