The Australian Communications and Media Authority has taken action against a pair of local telecommunications providers for violations of Australia’s mobile number fraud rules.
SpinTel was penalised $59,400 after an AMCA investigation found that scammers had exploited a vulnerability in its systems to harvest MFA codes on ten occasions between February and March 2025, leading to losses of more than $45,000.
The company has also entered into an 18-month court-enforceable undertaking to perform an independent review of its security posture.
“Losing thousands of dollars in seconds can be devastating and have lasting impacts. Once a scammer gets access to your mobile phone service, you’re in danger,” ACMA member Samantha Yorke said in a May 7 statement.
“They can then gain access to your banking apps, health records, personal information and more.”
Yomojo had not been fined but had been issued a formal warning after it was found that the company had failed to publish advice on its website directing customers to report mobile number porting fraud to law enforcement.
Telcos must, by law, share the steps required to report such fraud if a customer fears they are a victim.
“This is the sixth enforcement announcement in the past year under our push to see consumers protected from this type of fraud. We are deeply concerned that so many telcos have had system vulnerabilities, placing Australians at risk of preventable harm,” Yorke said.
“The ACMA has been providing advice to the telecommunications sector about potential weaknesses and emerging threats as part of our compliance program, and we urge all providers to ensure their systems are tested and secure.”
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.