Lakeside House, Quarry Lane, Chichester PO19 8NY

hello@lms.group

SMS and telephone best practice: new guidance for organisations

The fight against scams is a team sport; new guidance explains how your organisation can help.

If, like many of us, you are working from home as a result of Covid, you've probably noticed the increase in dodgy text messages and cold calls. Like many phishing scams, the fraudsters behind these messages are preying on real-world concerns to try and trick you into interacting with them.

As the NCSC pivoted to support the government's Covid response, it quickly became clear that abuse of telephony services would also need to be managed. Those involved in producing the necessary text and phone communications had probably never had to consider the consequences of scam messaging before. After all, what would someone gain from exploiting public health messages?

In the early days of the virus, the speed at which the health messaging was changing meant that different departments - although well meaning - felt compelled to send their own communications. Central and local government (and the devolved administrations) had their own solutions, all outbound, cold calling, requesting personal data using their own telephone numbers.

Not surprisingly, the NCSC started getting queries about whether these contacts were legitimate, as the advice to protect yourself from cold call scams is 'hang up and call a registered number'. If the NCSC, as experts, struggled to quickly identify legitimate messages, what chance did the average citizen have, especially during the stressful, early months of the pandemic?

As more initiatives and services were created, the NCSC decided to create a centralised set of targeted advice and guidance to disseminate across all government departments.

The launch of the NCSC's Suspicious Email Reporting Service, which allows users to report all suspicious messages (including via SMS), helped to drastically reduce NHS-branded phishing.

Fraudsters are willing to exploit trusted brands - like the NHS - for their own gain. If you don't take payments, you might think that you’re not affected by SMS fraud. However, your customers (or potential customers) may not know that. This is why the NCSC emphasise that this guidance is as much about protecting the customer as it is about protecting your brand.

If you have any information relating to NHS COVID Pass or vaccine certificate fraud you can stay 100% anonymous by contacting CrimeStoppers online at covidfraudhotline.org or call on 0800 587 5030.

Visit LMS Group HQ