- Telecom fraud is any activity intended to take advantage of telecom companies’ goods and services by deceit (fraudulent practices) or strategic attacks.
- There are three major types of telecom fraud: International revenue sharing fraud (IRSF), wangiri fraud and interconnect bypass fraud.
- There are several steps for us to take to avoid telecom fraud, including security, calling pattern analysis and call barring.
Telecom fraud put in simple words is any kind of activity designed to abuse telecommunications products and services to gain an advantage over telecommunications companies through deception (fraudulent practices) or strategic attacks. Telecom fraud includes landlines, mobile phones, cloud systems and on-premise PBX systems.
This sort of fraud, also known as telco fraud or telecom fraud, can also include hacking or theft of service often resulting in consumers facing unexpected charges while the operators are levied with revenue losses. Telecommunications fraud is becoming increasingly prevalent, costing a total of USD 1.8 Trillion in revenue losses while fraud expenses alone are to be 2.22% of revenues or $39.89 Billion.
3 major types of telecom fraud
1. International revenue sharing fraud (IRSF)
International revenue sharing fraud, or IRSF fraud, takes advantage of premium phone rates, which are then dialled unwittingly by users.
It is by far the biggest fraud challenge for telecom operators, costing the industry an estimated $4 to $7 billion a year according to Verdict. This is how it works: Bad agents sign up to lease a premium phone number. They break into a business’s phone systems and make calls to that number. The business pays as much as $1 a minute, 25% of which goes into the fraudster’s pockets.
Businesses may suddenly find themselves with astronomical phone bills for calls they do not recognise. The calls often happen outside of working hours and companies only realise they’ve been made when it’s time to foot the bill.
It doesn’t help that regulation is lacking in this area. Unlike with card payments, where the chargeback process can protect the person whose credit card was stolen, there is no such thing in the telephony world.
2. Wangiri Fraud
From the Japanese meaning “one and cut”, wangiri telecommunications fraud involves striking curiosity in customers by calling them, letting the phone ring once, and hanging up. The customer will often ring back, unwillingly calling an expensive premium number that the fraudsters control. According to the latest data that exists, wangiri scams cost the economy a significant $2.23 billion a year. This type of telecommunication fraud sits at number two of the top fraud methods reported in 2021, while the CFCA survey has also noted a year-on-year increase. The typical red flags for this kind of telecommunications fraud are spikes in traffic to high-cost destinations, which telcos should be able to monitor with their internal system.
Also read: AI: The opportunities and the threats
3. Interconnect bypass fraud
Interconnect bypass fraud, also known as SIM box fraud, takes advantage of something called a termination rate to make cheaper phone calls. It is estimated by CFCA to cost telecom operators $3.11 billion in lost revenue per year.
To understand it, let’s look at a scenario with two operators in different countries: A customer of Operator A calls a customer of Operator B. Operator A charges its customer a fee per minute. Operator B charges Operator A a fee for providing the call to its customer.
That last charge, where the call terminates, is the termination rate. These rates vary wildly depending on the contracts between the two operators. Some of them are expensive, others are close to 0.
This is where a fraudulent operator comes into the picture. They reroute these international calls using a SIM box or GSM gateway, effectively hijacking the connection to achieve cheaper termination rates. They are essentially making long-distance calls much cheaper, but the caller pays the same price – so the fraudster telco pockets the difference.
Also read: How to invest in Perplexity AI?
What can you do to avoid Telecoms fraud?
Security
The most important action to take when protecting your phone system, PBX or SIP is investing in good security and password/account management software. As we’ve discussed previously, you should be using password generation and saving systems, as well as choosing passwords with complex combinations. It’s also important that you don’t use the same password for multiple accounts or systems. If a hacker finds this password, they can use it to get into and take control of all your systems, so remember to regularly update your passwords and make sure no two passwords are the same.
Another way to protect your systems with passwords is to password protect your handsets. This covers your business line and mobile phone. If you leave your handset unprotected, it’s very easy for a hacker or scammer to get in and set up call features, like forwards and voicemails on the handsets. This solution can be done by both you and your provider.
Calling pattern analysis
Call pattern analysis helps identify patterns in call traffic and monitors and prevents calls which breach or go over specific limits. This can be based on costs, call duration, volume, time of day and call destinations. Call traffic can’t be monitored all the time, however, a vast majority of fraudulent traffic can occur during holidays and weekends, when customers and suppliers are away from the office and their devices. Any spikes in traffic should generate automated alerts to relevant parties and this activity can then be restricted, and additional measures can be put into place to protect you and your systems.
Call barring
Call barring lets you bar or block certain types of calls, IP addresses and destinations from being made to or from your phone. Our call barring on our VoIP control panel allows you to block outgoing calls to chosen destinations. You can personalise your call barring settings for both UK and international numbers. It’s also a good idea to bar calls from certain IP addresses and only authorise business or employee IP addresses to make calls.
In the digital age, the use of mobile networks is the most proficient than other modes of communication and global interaction. Abusing this system fraudsters can penetrate mobile systems via the customer’s network or the telecommunications service operator. Once fraudsters have gained access, they have several options to cause damage and leave the customer with an exorbitant bill.