For one week every November, we’re reminded of the global efforts to protect against telecom fraud. During International Fraud Awareness Week, which takes place from November 15 – 21, it is important to revisit the topic of telecom fraud and continue raising awareness around ways to fight fraudsters.
Many individuals are familiar with cybercrime like ransomware or identify theft; however, a large majority of scams against enterprises are instances of telecom fraud. According to research, telecom fraud cost businesses and carriers approximately $28.3 billion in 2019 alone.
Telecom fraud awareness is especially relevant in 2020 as much of the workforce has been operating in remote or hybrid deployments. With many companies extending the length of time they plan to be remote, they are also revisiting security training for their teams in an increasing digital landscape. Telecom security should be part of this discussion, so employees have the awareness and tools necessary to protect themselves against cyber criminals.
To help companies avoid falling prey to fraudsters, we’ve outlined three common types of telecom fraud and tips for how to mitigate risk and damages.
- Call Forwarding Fraud. PBX phone systems allow users to enable call forwarding to phone numbers. Oftentimes, a malicious party can hack into this process remotely by leveraging the system’s IVR and issuing commands via DTMF (dual-tone multi-frequency) signaling. Another way they can break into the system is by gaining access to an Internet-connected VoIP phone. In either case, the agent redirects the expensive international traffic to the fraudulent numbers, resulting in hefty phone bills to the company.
This type of fraud reveals itself through a spike in traffic to high cost destinations. To make matter worse, this type of fraud often spikes over holidays or weekends when individuals are out of the office and their phone numbers are not securely forwarded to other devices. To mitigate damages, service providers must have a monitoring and alarm system in place that will stop the fraud immediately.
- False Answer Supervision (FAS). FAS refers to the scenario where the answer signal of a call is modified and charged for non-conversational call time. There are three general types of false answer supervision:
- The carrier returns the answer signal when ringing starts, rather than when the customer answers. This increases the duration of the call, and therefore the cost of the call. A call may even be charged despite being dropped due to no answer.
- The more fraudulent variant of this scheme involves call diversion. Here, the fraudulent carrier will route the call to a recorded message that plays a ring tone and then a recording. This is intended to keep the calling customer on the line and paying for the call as long as possible.
- The third example of FAS is when a call is not terminated when the recipient hangs up and waits for the caller to disconnect. During the period between the recipient disconnecting and the caller disconnecting, the caller is billed.
FAS is particularly problematic because it preys on unsuspecting customers, resulting in high VoIP bills and, subsequently, high dissatisfaction with the telecom provider. To detect these calls, companies should look for short phone calls where the calling party hangs up nearly 100 percent of the time.
- Interconnect Bypass. Interconnect Bypass (also known as toll bypass fraud, interconnect fraud, GSM Gateway fraud, or SIM Boxing) is the unauthorized insertion of traffic onto another carrier’s network. In this scenario, fraudsters make international calls appear to be cheaper, domestic calls, effectively bypassing the normal payment system for international calling. In Interconnect Bypass, the fraudsters will typically sell long distance calling cards overseas. When customers call the number on the cards, operators can switch the call to make it seem like a domestic call. While this type of telecom fraud doesn’t directly impact the customer, it certainly drains carriers’ budgets.
Three Tips for Combating Voice Fraud
- Utilize a fraud management system (FMS). An FMS is an enterprise-wide data analysis platform that works well in detecting many different types of fraud. The FMS uses Call Data Records (CDRs) to create usage-based analysis profiles that detect threats and irregular activity. Most voice fraud detection platforms can automatically scan through phone number databases, ranges and destinations to determine “blacklist” callers. They can help notify team members of activity that might need further investigation.
- Regularly change passwords. A best practice is to set up secure PINs and passwords to the phone system, such as voicemail access, extension lines and other features that may be compromised if accessed remotely. Conference phones can also be a high target area, which are often forgotten about with poor usernames and passwords. If companies have a lot of passwords for multiple accounts as well as their PBX system, they might find it beneficial to invest in the use of a password generation and saving system.
- Practice call barring. Call barring lets users bar or block certain types of calls, IP addresses and destinations from being made to or from their phone. Some systems also let users block outgoing calls to chosen destinations. Another tip is to only authorize business or employee IP addresses to make calls.
Lastly, an important element when dealing with fraud is having a plan in place for when fraud does occur. Companies must ensure their employees know what to do to report malicious activity or fraudulent bills in a timely manner.
Intrado is a leader in fraud detection. Approximately 90 percent of the telco traffic in the world is handled by a small group of carriers – Intrado being one of them. Intrado participates with these other carriers on a regular call to discuss trace-backs, to detect bad actors across the networks. There is also representation from law enforcement on that weekly call. So, if calls are identified that continue to trace back to the same bad actor, law enforcement is given all the information needed to subpoena the bad actor.
If there is a violation that is autodetected by our system, an email goes out to customers requesting them to verify whether the traffic is legitimate. The customer then receives a link and are taken to their customer portal where they can easily report whether the activity was legitimate.