Lifecycles COO, Kelvin Chaffer, recently shared his views on the issue of telecom fraud and what can be done to contain it with telelcom.com
Fraudulent activity is nothing new within the telecom industry. Over the years, however, it has grown in its complexity, with the schemes dreamt up by fraudsters becoming more and more convoluted. The Covid-19 pandemic only exacerbated the issues, presenting fraudsters with a whole new range of schemes and targets. In the 12 months since the start of the pandemic, operators reported a 75% increase in incidences of fraud & security threats to their network had increased by 61%. Consumers were also targeted, with 82% of phone owners reporting they were targeted by suspicious SMS messages.
Now in 2022, the Russian invasion of Ukraine has opened another door for fraudsters to try and exploit. The most popular of these scams involves setting up fake charity pages to dupe members of the public into donating. As the volume and complexity of these scams increase there is additional pressure on telecoms to stay agile, informed and to manage these threats as they occur.
Where are Your Vulnerabilities
It is essential in the fight against fraud that telecoms know where their vulnerabilities lie, in doing so they can turn responsive measures into pre-emptive ones. It is however difficult to pre-empt fraudulent attacks due to their constantly changing nature. As a result, the losses suffered due to fraudulent activities have stretched into the billions. One of the most powerful ways fraudsters can target a telecom is to attack its infostructure at multiple points. This is particularly effective if systems are outdated or disconnected from one another. These vulnerabilities, create the opportunities scammers needed to successfully conduct payment, identity or account fraud. This can have a long-term impact on network bandwidth waste, the cost of customer support and significant damage to a telecom's reputation and service quality.
Over the last decade, phishing and spam messages have also increased. With these scams, fraudsters will look to funnel funds illegally into their own account with redirected calls and SMS messages. Subscriber fraud has also become a major vulnerability for telecoms. The main concern for telecoms with this fraud is that the services gained are often used to benefit more serious offences, eg organised crime or terrorist groups. By using fraudulent details to take out a contract, the fraudster is able to resell the device while the provider is forced to wipe the bad debt.
The Ongoing Methodology of Fraud
There are various methods used to conduct fraud. SIM Farms are becoming more and more common, this is where scammers will send out hundreds of SMS messages, with the aim of getting the personal details of a handful of recipients. This information can then be used for a SIM swap. This is a kind of digital identity theft, in which the fraudster takes over a mobile number and accesses one-time passwords to break into banking, social media and other accounts.
Phishing SMS techniques have recently become more sophisticated and can tap into real-life events to add a layer of conviction. For example during Covid-19 many would pretend to be offering vaccination bookings, only to then request payment before completing the fake booking. Fraudsters are also becoming more knowledgeable in spotting gaps in the law. For example in the UK there is no need for an individual to provide identification when purchasing a SIM, making it an easy gap to target. Telcos themselves are also reluctant to put these checks in place for fear of putting up what could be considered consumer “red tape” worrying that customers will just take their business to another telecom that doesn't impose these checks.
Early Warning of an Attack.
One of the best defences telcos have against fraudsters is to preempt what tactics and situations frauds are likely to deploy next. An example of this is when the war in Ukraine broke out many providers introduced zero rate calls. This greatly limited the ability of scammers to exploit the situation for their own gain. It also allowed telecoms to enact a fair usage policy control for their customers, allowing them to monitor the network and partner data sources for abnormal or suspicious activity.
Another form of network monitoring needed for early warning is advanced algorithms. These can scout a network in real-time and pinpoint SIM cards or devices being used in abnormal fashions. Types of activity these algorithms can detect large volumes of traffic, data consumption, SMS messaging or multiple SIM registrations in a short length of time. Automated workflows can then determine the next appropriate step. Transactions can be blocked and network users banned to limit the damage.
As Artificial Intelligence becomes more accessible and easier to deploy, it could be key to protecting both providers and subscribers. Fraudulent behaviour will be able to be detected in real-time and fraudsters and transactions can be immediately blocked. As the intelligence analyses more examples of fraudulent behaviour it is predicted it will be able to learn the behavioural patterns leading up to an attempt at fraud and block it before any damage is done.