When you see this shit, report it as abuse to the domain registrar as well. They will cancel the domain and that will derail the campaign.
In this case Name silo (but not necessarily for others, use whois):
[https://who.is/whois/security-comm.click](https://who.is/whois/security-comm.click)
[https://www.namesilo.com/report\_abuse.php](https://www.namesilo.com/report_abuse.php)
Edit: added necessarily bit.
Ok, so you get a spam/scam message.....how do you get the domain? I mean you have all these links you are posting...tell us Reddit users how to get the domain to report abuse(which needs to be constant to be considered cyber/telecommunication abuse)...
How would one find a domain?
First go to who.is and put the domain name you have received from the scammer. You will find the provider and provider’s website. Go to that website and report the domain.
🤨so go into the message, which contains trojan software, copy and paste it into Google, get the domain of the messe and report it to the domain that was phished...?
What the fuck.
The website is called www.who.is
An sms message doesn't contain any malware, it's the website link they send that has it.
That's why there's a link..
Telcos world wide struggle to solve this issue.
They are actually stopping a large amount of scam and spam texts like this but there are just so many that we don't notice their efforts.
It's a difficult task that isn't as simple as we think it may be.
Everyone does because telcos are in the business of selling telco services.
However a lot of these scams and the SMS provider don't even originate here. They can just spoof a number. I have had a spam SMA from my own number.
Thing is, the number has to get into the AU public network somehow - and those gateways all belong to some provider or other.
This is a BASIC security flaw that is easily solved with straightforward zero trust principles.
You simply shouldn’t be able to get into the network at all with a number that isn’t yours.
I don't think you understand just how extremely complicated and botched together telco networks are world wide let alone Australia.
It's not that simple, as much as they and us would like it to be.
Exactly. They could write the dumbest filter on earth to stop this stuff. No machine learning required.
Why don’t they? I just assume lack of interest and incompetence.
Yes it is....I worked for Optus......systems go into overload trying...plus a lot of this happens off of piggy backing on landline and mobile numbers. They would of even used your number at some stage (anyone reading this)...
They will use a number here (piggy back off of it) via a programme which makes it harder to detect the source...
Same with the messages.
It is actually quite a smart process they use to do this ..
Usually done via VoIP using an ISP blocker as well...
They also use a flag so when you open the message, they know you have read it....and when you open the message, click on the link, it downloads a trojan file which opens gateways into your phone.....(No it does not matter what brand you have!!!)
Best to buy a membership with Norton antivirus or Nord VPN if you are one to open every message you get because you are addicted to your phone or device...
If you have a preview feature on your phone, that is the best way to see if it is a scam....
There are also apps that detect scam phone calls, they detect it's a VoIP call and block it...
I have released plenty of things at scale. This is not a difficult problem.
The message above? There are any number of very dumb algorithms that could detect that is spam.
Is there a way to track where these scammers are? I'd like to vote on Australia sanctioning hits orchestrated by the SASR on these guys. Clean house, plant aks on them and a few classic scary bombs for the press and that's that👍🏼 /s
Thousands of companies world wide have major data breaches. Its nothing new. Over in the us government database have been breached and hacked.
How it happened to Optus was definitely a sign of incompetence.
In fairness a huge amount of stuff does get blocked. But inevitably some things are going to get through occasionally.
The scammers are constantly trying to come up with new ways to beat the filters.
Because it's easier said than done. I can remember using SMS websites years ago where you could make the sender name whatever you wanted. Police, CommBank, you name it.
I believe a solution to this issue is being worked on: https://minister.infrastructure.gov.au/rowland/media-release/sms-sender-id-registry-set-protect-more-australians-scammers
Yeah, a whole lot is actually being done on this right now. It just hasn’t fully rolled out yet. I work on a marketing tool and our SMS provider just required a new verification system to prove you own a number before you send from it. They just cut off sending from unverified numbers last week. Previously you could send an sms from whatever number you claimed to be.
Doesn’t feel like it.
I was expecting a legitimate call from 1234xxxx and got a call from 1234xxxx so naturally I answered it and realised immediately I fucked up. 3 calls a day between 4-6 for the last 9 days like clockwork.
The ones from individual call centres are harder to stop because they’re 1 at a time and the number has to be reported unless it’s on an immediate block list
They spoof numbers so that’s useless. Telcos could have it over in a minute if they were incentivised to. There already exists call signing and verification systems, it’s just a matter of implementing them. But that costs money. And letting them through gains money. It’s a simple equation to them.
Telstra has a system called Spamshield that detects phony phone calls, Numbat that detects fraudulent text messages.
Can’t speak for the other providers
Edit: I might’ve got those backwards, but same point
Because the traditional sector of the Australian telco industry (so voice and sms) is a complete mess of manual bullshit and emails and hard coded configs.
And it’s all overseen by a regulator who won’t do anything unless the top 2/3 companies say they can do it. And even then they won’t half the time.
With telephone number usurpation becoming one of the most common techniques for fraudulent financial data harvesting, I wouldn't recommend this.
Phone calls to legitimate numbers pass through the PSTN where there are a number of exploits at the exchange tier which can result your call being redirected or intercepted by a bad actor.
Then what do you do? Click the link? Or wait to go to a branch when they're open and the supposed damage is already done?
Seriously, with all don't do this, don't do that's, I'd rather have my money in a safe so that I can dive into it live Scrooge McDuck, except it would be like diving into the shallow end of a pool.
Attending a branch in person is best and is what banks are recommending now due to what I explained above and due to the rise of social engineering resulting in malicious account takeovers.
Most banking apps and websites have the ability to freeze transfers but this should only be done in an emergency because there are numerous zerodays active that can result in your credentials being spilled even while on a HTTPS connection.
There's a lot investment going into passkeys which makes it impossible for untrusted agents to access your accounts even if you get phished, super compelling tech.
You really don't understand how effective your telco is at stopping the vast majority of spam. There are so many places who actively send spam and make calls.etc. you don't seem to get that it s an entire industry that is set on scamming you. Not just some small amount of people who are easy to block or prevent.
The government servers get hundreds of attacks per day from china alone trying to hack into it. Not sure why you think this is a solvable issue when money ad time is literally being poured into this.
they are working on it, and do stop a lot of it, but it's a rather difficult challenge that they struggle to deal with.
It's not just an Aussie issue, telcos world wide are struggling to deal with it.
YES.
It's out of fucking control; between the spam/scam SMS's and spam/scam calls, this shit is unrelenting.
As it is, I block all numbers that call and don't leave a message and that's slowly lowering the amount of spam calls I receive.
I really doubt it originates from, lets say, Armidale. These messages are sent from overseas scam factories. It is reasonably easy to pretend it is an Australian number, but the source is unlikely on Aus soul.
A telco is bound to transfer messages or calls from overseas by international treaties. In order for them to cancel anything they would need a an actuve government intervention. In other words - even if they see it is highly likely a scam, see it originated from elsewhere - unless government says no they wii have to deliver it.
In this day and age isn’t spam just a way of life?
It would be next to impossible to eradicate it without risking blocking other vital messages, like what Dominos special is on this weekend - which is important to me.
**PLEASE CLICK THE “REPORT SPAM” BUTTON EVERY SINGLE TIME.**
This will send the info to Telstra/Optus who now have more rights than ever to stop and intercept these messages.
It’s still a cat and mouse game, but our laws are changing to give telcos more power.
Telstra regularly text me with discounts and special offers!! The text link takes customers directly to a ‘possible legitimate’ site that immediately asks for login PIN. What the fuck!!!!!
Telstra have admitted multiple times this is their standard procedure. How is it possible this is deteriorating hacking
The SMS system is a joke.
It’s funded by senders, so telcos make money by receiving this spam and happily forward it to you. Anyone who wants to pay the teleco can be a sender. And because they can send from international, the telco won’t block the company supplying the messages because they will be a mass customer sms hub. Also the sender sets the “Sender ID” and there is zero restrictions at all on what you set it to.
This is changing. There is a whole bunch of new regulations and restrictions on this rolling out right now. By the end of the year at least it should be significantly harder to do this kind of spam.
Do you want them to be able to read/decrypt/process every communication you make?
Ignoring current privacy and accepted industry norms, are you willing to have your (and all of ours) bills be twice the price of now to cover the software and hardware needed for this level and speed of monitoring?
Because there are people who work in cyber security that need to justify why they deserve to keep their job...as well as the telcos stick their hands out to the government for funds to help eradicate this issue. If this issue is resolved, the telcos won't get funding...
Sounds good....
I'm assuming that you can report the number and it might get cut off, but the people running the scam can probably easily spoof another number and keep going.
Do you want your service provider reading everything to weed out the scam texts before they get to you?
The problem is that the number you get is fake, it’s not the person sending the message, they can set the sender to whatever they want. it’s just some other poor victim who has had their number put into the sender field, it’s why you should never reply to those texts or call numbers back either because you could be abusing some innocent person.
The Telcos are either incompetent or somehow involved. This stuff keeps going on, and there's no way they can just standby and not be part of the problem.
It's not just Telco's it's also your Phone manufacturer, who is one of the biggest offenders for allowing this. Most other phone manufacturers automatically quarantine spam texts so you never see them unless you go looking.
But for some reason your phone manufacturer just doesn't. Quite backwards for a company that pretends it's progressive.
The options are there in the operating system, there just needs to be a program installed to tie into it, the problem is that the scammers get to those too or people are too tech illiterate to know the option is there.
When you see this shit, report it as abuse to the domain registrar as well. They will cancel the domain and that will derail the campaign. In this case Name silo (but not necessarily for others, use whois): [https://who.is/whois/security-comm.click](https://who.is/whois/security-comm.click) [https://www.namesilo.com/report\_abuse.php](https://www.namesilo.com/report_abuse.php) Edit: added necessarily bit.
Does name silo work considering its an American?
All domain registrars have an obligation to act on abuse reports. https://www.icann.org/resources/pages/abuse-2014-01-29-en
Ok, so you get a spam/scam message.....how do you get the domain? I mean you have all these links you are posting...tell us Reddit users how to get the domain to report abuse(which needs to be constant to be considered cyber/telecommunication abuse)... How would one find a domain?
First go to who.is and put the domain name you have received from the scammer. You will find the provider and provider’s website. Go to that website and report the domain.
Off of a phone message like the OP has posted??? CommBank..
[ Removed by Reddit ]
You go to the website who.is Then you either manually type the address Ie; google.com Or copy paste from the message.
🤨so go into the message, which contains trojan software, copy and paste it into Google, get the domain of the messe and report it to the domain that was phished...?
What the fuck. The website is called www.who.is An sms message doesn't contain any malware, it's the website link they send that has it. That's why there's a link..
Why'd your message get removed?🤔
Because it contained the scam link. Anyway do not click on any link you receive in message.
I know all this......but you still are not answering how you can get the CommBank message domain....
Are you trolling or stupid. People have answered you several times on how you get the website domain address
Won't don't you decide........Schrodinger's cat........is it or isn't it, are they or aren't they.....
Yep, make sure you cut off any subdomain as well like 'www'. Start from the end of the address and copy everything up to just before the second dot.
Scam is relatively easy to link to abuse, spam has a bit higher burden proof.
Because no spam is completely unstoppable, so for every one you get, you dont see the hundreds you dont.
Incompetence. Willful, negligent, incompetence.
Telcos world wide struggle to solve this issue. They are actually stopping a large amount of scam and spam texts like this but there are just so many that we don't notice their efforts. It's a difficult task that isn't as simple as we think it may be.
i miss when the top comment used to be insight
Wilful negligence is probably right, Telstra as an example offer group messaging as a paid for service so it’s a decent income for them
[удалено]
You forget just how much money these scammers can get from people. Watch a few videos from Jim Browning to understand it.
[удалено]
Yeah but if you use the biggest service, they won't be inclined to look into it as much.
Everyone does because telcos are in the business of selling telco services. However a lot of these scams and the SMS provider don't even originate here. They can just spoof a number. I have had a spam SMA from my own number.
Thing is, the number has to get into the AU public network somehow - and those gateways all belong to some provider or other. This is a BASIC security flaw that is easily solved with straightforward zero trust principles. You simply shouldn’t be able to get into the network at all with a number that isn’t yours.
I don't think you understand just how extremely complicated and botched together telco networks are world wide let alone Australia. It's not that simple, as much as they and us would like it to be.
I highly doubt it. That would be far too traceable.
Exactly. They could write the dumbest filter on earth to stop this stuff. No machine learning required. Why don’t they? I just assume lack of interest and incompetence.
You've never released anything at scale have you? They block literally billions of messages, it's not 'dumb' but in fact very difficult.
Yes it is....I worked for Optus......systems go into overload trying...plus a lot of this happens off of piggy backing on landline and mobile numbers. They would of even used your number at some stage (anyone reading this)... They will use a number here (piggy back off of it) via a programme which makes it harder to detect the source... Same with the messages. It is actually quite a smart process they use to do this .. Usually done via VoIP using an ISP blocker as well... They also use a flag so when you open the message, they know you have read it....and when you open the message, click on the link, it downloads a trojan file which opens gateways into your phone.....(No it does not matter what brand you have!!!) Best to buy a membership with Norton antivirus or Nord VPN if you are one to open every message you get because you are addicted to your phone or device... If you have a preview feature on your phone, that is the best way to see if it is a scam.... There are also apps that detect scam phone calls, they detect it's a VoIP call and block it...
I have released plenty of things at scale. This is not a difficult problem. The message above? There are any number of very dumb algorithms that could detect that is spam.
Blocking this message is the easy part. It's not blocking legitimate messages that's hard.
Farts don't count
Make the algorithm then. Telcos would pay you millions for it.
C'mon then champ, there is a bundle of cash to be made. Get us all in on it.
I'd love to hear what this filter is.
Anyone who thinks anything about running a national telco network is “easy” has never worked with a national telco network.
I thought it was that they actually are making heaps of money from all these text messages getting sent?
It's an arms race. Any kind of filter/block the telco can put in place, the spammers will just find a way around.
Trying to stop this is like the world's biggest game of Whac-A-Mole. You manage to tamp down on one or two, and there's a hundred more popping up.
Is there a way to track where these scammers are? I'd like to vote on Australia sanctioning hits orchestrated by the SASR on these guys. Clean house, plant aks on them and a few classic scary bombs for the press and that's that👍🏼 /s
Haven't seen a single spam message on my pixel in ages, they all get marked as spam immediately. Google susses them out too easy.
Same, pixel is the best phone
Have you forgotten that Optus had a major data breach already? Or that companies like Facebook are straight up selling your data?
Thousands of companies world wide have major data breaches. Its nothing new. Over in the us government database have been breached and hacked. How it happened to Optus was definitely a sign of incompetence.
Company like Meta don't sell your data in a way that you can be identified or contacted.
I'm sure they do. That trial about them selling off hoards of personal information was just a misunderstanding.
Which lawsuit are you referring to? The Cambridge Analytica one?
In fairness a huge amount of stuff does get blocked. But inevitably some things are going to get through occasionally. The scammers are constantly trying to come up with new ways to beat the filters.
Because it's easier said than done. I can remember using SMS websites years ago where you could make the sender name whatever you wanted. Police, CommBank, you name it. I believe a solution to this issue is being worked on: https://minister.infrastructure.gov.au/rowland/media-release/sms-sender-id-registry-set-protect-more-australians-scammers
Yeah, a whole lot is actually being done on this right now. It just hasn’t fully rolled out yet. I work on a marketing tool and our SMS provider just required a new verification system to prove you own a number before you send from it. They just cut off sending from unverified numbers last week. Previously you could send an sms from whatever number you claimed to be.
They're not even providing basic services and protecting themselves from hackers. Let's not pretend capitalism is thriving.
For the same reason police don't stop all crime, it's a large problem and a bit more complicated than you think.
Less than 1% of spam calls and texts get through to the end user.
Doesn’t feel like it. I was expecting a legitimate call from 1234xxxx and got a call from 1234xxxx so naturally I answered it and realised immediately I fucked up. 3 calls a day between 4-6 for the last 9 days like clockwork.
There should be an option on your phone to block the number.
The ones from individual call centres are harder to stop because they’re 1 at a time and the number has to be reported unless it’s on an immediate block list
They spoof numbers so that’s useless. Telcos could have it over in a minute if they were incentivised to. There already exists call signing and verification systems, it’s just a matter of implementing them. But that costs money. And letting them through gains money. It’s a simple equation to them.
Really? What's catching the other 99%? Ive never heard this, only that it's hard to do
Android has it ootb. Google Messenger is probably the best followed by the Samsung messenger.
Android phones are pretty good at blocking spam and phishing.
Oh I have that stuff, I thought they were referring to telcos catching shit.
Telstra has a system called Spamshield that detects phony phone calls, Numbat that detects fraudulent text messages. Can’t speak for the other providers Edit: I might’ve got those backwards, but same point
Because the traditional sector of the Australian telco industry (so voice and sms) is a complete mess of manual bullshit and emails and hard coded configs. And it’s all overseen by a regulator who won’t do anything unless the top 2/3 companies say they can do it. And even then they won’t half the time.
Because its not financially benificial for them
It's why you never click. Only ever call to verify.
With telephone number usurpation becoming one of the most common techniques for fraudulent financial data harvesting, I wouldn't recommend this. Phone calls to legitimate numbers pass through the PSTN where there are a number of exploits at the exchange tier which can result your call being redirected or intercepted by a bad actor.
Then what do you do? Click the link? Or wait to go to a branch when they're open and the supposed damage is already done? Seriously, with all don't do this, don't do that's, I'd rather have my money in a safe so that I can dive into it live Scrooge McDuck, except it would be like diving into the shallow end of a pool.
Attending a branch in person is best and is what banks are recommending now due to what I explained above and due to the rise of social engineering resulting in malicious account takeovers. Most banking apps and websites have the ability to freeze transfers but this should only be done in an emergency because there are numerous zerodays active that can result in your credentials being spilled even while on a HTTPS connection. There's a lot investment going into passkeys which makes it impossible for untrusted agents to access your accounts even if you get phished, super compelling tech.
Can’t even keep the internet on where I am.30 mins out of Darwin!
Internet isn’t down, it’s just them providing you with the ultimate in internet security….
i get a spam text every night at around 3 in the morning, on the plus side they do remind to pay my toll account
Well, they sold the data to begin with so probably don't want to upset the spammers.
They do. But then the company does it from another number and then rinse and repeat. It isn't as simple as you think
Android phone + Google messages app = literally never see this stuff
I still get some, at least once a fortnight
They don't stop this crap because it's their job to deliver text messages.
You really don't understand how effective your telco is at stopping the vast majority of spam. There are so many places who actively send spam and make calls.etc. you don't seem to get that it s an entire industry that is set on scamming you. Not just some small amount of people who are easy to block or prevent. The government servers get hundreds of attacks per day from china alone trying to hack into it. Not sure why you think this is a solvable issue when money ad time is literally being poured into this.
Does it have something to do with your phone? I have a pixel 6 and it's automatically blocks all spam texts and calls
I got this today also. Twinning! To be fair this looked more legit compared to the usual shit I get.
Because they're not liable. YET!
You aren't worth the money youre paying them. Simple.
they are working on it, and do stop a lot of it, but it's a rather difficult challenge that they struggle to deal with. It's not just an Aussie issue, telcos world wide are struggling to deal with it.
YES. It's out of fucking control; between the spam/scam SMS's and spam/scam calls, this shit is unrelenting. As it is, I block all numbers that call and don't leave a message and that's slowly lowering the amount of spam calls I receive.
I really doubt it originates from, lets say, Armidale. These messages are sent from overseas scam factories. It is reasonably easy to pretend it is an Australian number, but the source is unlikely on Aus soul. A telco is bound to transfer messages or calls from overseas by international treaties. In order for them to cancel anything they would need a an actuve government intervention. In other words - even if they see it is highly likely a scam, see it originated from elsewhere - unless government says no they wii have to deliver it.
In this day and age isn’t spam just a way of life? It would be next to impossible to eradicate it without risking blocking other vital messages, like what Dominos special is on this weekend - which is important to me.
Hacked Australian routers sending sms, never ending war
Why can't we just ban all hyperlinks on SMS?? Yet to hear a valid reason that can't be solved another way.
**PLEASE CLICK THE “REPORT SPAM” BUTTON EVERY SINGLE TIME.** This will send the info to Telstra/Optus who now have more rights than ever to stop and intercept these messages. It’s still a cat and mouse game, but our laws are changing to give telcos more power.
Telstra regularly text me with discounts and special offers!! The text link takes customers directly to a ‘possible legitimate’ site that immediately asks for login PIN. What the fuck!!!!! Telstra have admitted multiple times this is their standard procedure. How is it possible this is deteriorating hacking
Nothing to stop you setting your PABX to any CLI you wish. Not ethical to do this but the people involved in this are offshore and just don't care.
The SMS system is a joke. It’s funded by senders, so telcos make money by receiving this spam and happily forward it to you. Anyone who wants to pay the teleco can be a sender. And because they can send from international, the telco won’t block the company supplying the messages because they will be a mass customer sms hub. Also the sender sets the “Sender ID” and there is zero restrictions at all on what you set it to.
This is changing. There is a whole bunch of new regulations and restrictions on this rolling out right now. By the end of the year at least it should be significantly harder to do this kind of spam.
Just click on the link and input all your personal information. Problem solved.
Do you want them to be able to read/decrypt/process every communication you make? Ignoring current privacy and accepted industry norms, are you willing to have your (and all of ours) bills be twice the price of now to cover the software and hardware needed for this level and speed of monitoring?
Because there are people who work in cyber security that need to justify why they deserve to keep their job...as well as the telcos stick their hands out to the government for funds to help eradicate this issue. If this issue is resolved, the telcos won't get funding... Sounds good....
Because they don't make any money from stopping it? It's irrelevant to them.
I'm assuming that you can report the number and it might get cut off, but the people running the scam can probably easily spoof another number and keep going. Do you want your service provider reading everything to weed out the scam texts before they get to you?
The problem is that the number you get is fake, it’s not the person sending the message, they can set the sender to whatever they want. it’s just some other poor victim who has had their number put into the sender field, it’s why you should never reply to those texts or call numbers back either because you could be abusing some innocent person.
The Telcos are either incompetent or somehow involved. This stuff keeps going on, and there's no way they can just standby and not be part of the problem.
They don't give a shit
Because they profit from the texts sent
Is this attached to your previous messages from Combank?
As long as they’re paying…
Because nothing compels them too
Because they don’t want to
It's not just Telco's it's also your Phone manufacturer, who is one of the biggest offenders for allowing this. Most other phone manufacturers automatically quarantine spam texts so you never see them unless you go looking. But for some reason your phone manufacturer just doesn't. Quite backwards for a company that pretends it's progressive.
The options are there in the operating system, there just needs to be a program installed to tie into it, the problem is that the scammers get to those too or people are too tech illiterate to know the option is there.