Vonage & Twilio Are In Hot Water for Breaching Australian Anti-Scam Rules

As a result of Vonage’s breach, fraudsters sent 3,387 scam texts impersonating major enterprises

Vonage & Twilio Are In Hot Water for Breaching Australian Anti-Scam Rules
Data & AnalyticsLatest News

Published: October 18, 2023

Charlie Mitchell

The Australian Communications and Media Authority (ACMA) has taken action against Vonage and Twilio for breaching its SMS anti-scam regulations.

After an investigation, the government agency established that the two CPaaS giants allowed customers to send SMS messages – including sender IDs (i.e. shortened business names) – without making adequate checks that their tech wasn’t being utilized to execute scams.

Moreover, it uncovered that fraudsters had leveraged Vonage tech to send 3,387 scam texts impersonating organizations, including ApplePay, Commonwealth Bank, and Australia Post.

In total, Vonage enabled the sending of 11,780 non-compliant SMS messages.

Meanwhile, the ACMA also adjudged Twilio to have “inadequate” systems to comply with the rules. Yet, thankfully, in its case, there is no evidence that scammers exploited these vulnerabilities.

The agency has now formally directed both businesses to comply with its Reducing Scam Calls and Scam SMS Code, introduced in July 2022.

It will also continue conducting audits, warning telcos that they may face $250,000 fines for compliance breaches and highlighting how battling SMS scams is an ACMA priority.

Doubling down on this, ACMA Chair Nerida O’Loughlin stressed how scammers will continue exploiting the holes left open by such compliance breaches. She stated:

Since these SMS anti-scam rules came into place, Australian telcos have reported blocking almost 257 million SMS scams. But we know that scammers target the weakest links, so it’s vital that every telco has processes that are up to scratch to meet Australian standards.

“As the rules have been in place for over a year now, it’s unacceptable that we continue to find telcos allowing scammers to send SMS impersonating businesses domestically.”

Both Vonage and Twilio play a critical role here, providing the link between telecom networks and the internet.

These investigations by the ACMA will remind them – alongside their market rivals – that they must prove they’re taking proactive measures to comply with the code.

Vonage, in particular, has lots of work to do after it also breached regulations by failing to report how many scam SMS messages it had blocked for the past three consecutive quarters.

Yet, both businesses must now ensure they have sufficient checks in place to ensure customers have a legitimate case to harness sender IDs in SMS blasts.

Also, they must comply with all the other requirements within the ACMA’s anti-scam rules.

Indeed, this is an area where the Australian government has become very strict, releasing a “Fighting Scams” initiative that allows the ACMA to enforce actions.

In doing so, it hopes to protect citizens from financial harm and address rising scams and online fraud.

A Difficult Week for Vonage

After a positive September for Vonage – when it seized a leader spot in the inaugural Gartner CPaaS Magic Quadrant alongside Twilio – October has not proved so fortuitous.

Alongside the breach of anti-scam regulations, Ericsson – which acquired the vendor last year for $6.2BN – announced a Vonage impairment charge of $2.92BN earlier this week.

Impairment accounting assesses the fair market value of an investment, and – if it’s deemed to be decreasing in value – the company will lower the intangible asset amount on its balance sheet. That’s an impairment charge – and 2.92BN is an eye-watering number.

Yet, while it does suggest a significant devaluation of Vonage, the acquisition is a critical part of the vendor’s longer-term plan.

“Vonage remains key to our expansion into enterprise and to the transformation of our business,” said Borje Ekholm, President & CEO at Ericsson, during an earnings call, reinsuring investors.

From a strategic lens, Vonage is developing how we saw it and how we envisioned it.

Ericsson took a big step forward in its strategy last month, launching a Global Network Platform, which combines Vonage’s CPaaS technology and network APIs, enabling mobile networks and applications to talk to each other.

Such a platform makes exposing, consuming, and paying for advanced network capabilities easy. Meanwhile, it will enhance the mobility of over-the-top (OTT) apps, giving Vonage a more significant differentiator in the enterprise communications space.

Currently, one of its central differentiators is its close ties with Salesforce – which the vendor also aims to maximize after recently releasing an Omnichannel Messaging App for Salesforce.


CpaaSSecurity and ComplianceTechnology Media and Telecoms

Brands mentioned in this article.


Share This Post