Premium rate numbers are begging to be used for telecom fraud

Premium rate numbers have a higher than normal rate, and part of that extra charge is paid to the service provider, enabling businesses to be funded by the calls. Internet calls make it easy to use these numbers to monetize telecom fraud. This paper will show you how it works, and how to prevent it.

Lee Beaumont wants you to call him – preferably on his new home phone number. Just watch out. Lee now uses a premium rate number for his home phone. You’ll be charged 17¢ for the call, and Lee will receive about 70% of the proceeds.

In a month, he’s made over $500, mostly from telemarketers. But he’s hoping to make much more. Beaumont originally registered for the premium number because he was tired of sales calls interrupting his favorite TV shows. Beaumont said it was very easy to set up the premium rate number: he found a company online and paid a one-off £10 plus VAT, with no other fees or charges.

Changed his home phone to a premium rate number

Lee Beaumont premium rate numbers

Now Beaumont is actively looking for ways to increase calls to his number. “I actually want to be cold-called now,” he said. “I look for ways to get companies to call me.”

When he opens a new bank account, switches energy supplier and so on, and the company asks for his home number, he gives them the premium rate number. After a recent problem with his online shopping, he declined to call a customer service number but posted his number on Twitter, hoping the number would be picked up by marketing companies.1

Lee Beaumont is just one of many people who have learned to exploit the premium rate number system. Though his example is fairly innocuous, it illustrates how simple the basic idea of premium rate number fraud is, and how easy it is for anyone to game the system.

What are premium rate numbers?

Premium rate numbers have long been a staple of the telecom industry. These numbers charge a higher than normal rate and part of that extra charge is paid to the service provider, enabling businesses to be funded via the calls. Adult chat lines (phone sex) and psychic hotlines are very common uses of premium rate numbers. In Europe, it is not uncommon for technical and customer support services to use premium rate numbers as well.

The problem with premium rate numbers is that they are easy to exploit. The money that is paid to the “business” acts as a strong incentive to pump traffic to a phone number. Traffic pumping, or access stimulation, is a scheme in which a fraudster uses inappropriate means to artificially inflate traffic to their premium rate number.

As Jim Dalton, president of TransNexus put it, “Premium rate numbers are begging to be used for fraud. The premium rate number business model made sense before VoIP technology was available. Now, a whole eco-system has evolved that makes traffic pumping fraud to premium rate numbers an easy endeavor for anyone.”

Fraudsters today can hack into a phone network, use stolen equipment, or simply use deceptive practices to generate traffic to premium rate numbers. The results can be tens of thousands of dollars in fraudulent charges.

Because the general public looks at telecom fraud as similar to credit card fraud, as something for which they should not be liable, most service providers are unable to collect payment for the huge charges, and are instead stuck paying the bills themselves.

According to the FCC, “Unfortunately, there are companies and individuals who engage in all of these kinds of deceptive and fraudulent practices, and the FCC receives a steady stream of complaints as a result.”2

How a fraudster gets started with premium rate number fraud

It is shocking how easy it is for someone to get started with premium rate number fraud. Where do they get these numbers? How do they get started? Many sources for these numbers can be found through a simple Google search. Our research at TransNexus turned up 41 premium rate number services that offer quick setup for premium rate number services.

premium rate number services

A potential fraudster need only contact one of these companies to be provided with a list of premium rate numbers. The service will then give the fraudster a cut of the income provided from calls to those numbers.

Many services even offer help setting up a custom Interactive Voice Response system (IVR) or call center answering. Fraudsters need only specify whether they want the line to be answered with psychic readings, betting tips, chat lines, or weather reports.

Potential fraudsters don’t need any special equipment to operate a premium rate number. Incoming calls to the premium rate number are connected to International Points-Of-Presences (IPOP), where they are either terminated onto IVR equipment (hosted by the premium rate number provider) or internationally forwarded to the fraudster’s own target destination numbers.

Most services can handle up to 99 simultaneous calls at a time. Most of the services surveyed by TransNexus don’t even charge any set up or monthly fee for the premium number. The premium rate service will then send the fraudster’s payment through a bank wire transfer on a daily, weekly, or monthly basis.

where are premium rate numbers

Premium rate number call flow

Simply setting up a premium rate number does not necessarily lead to fraudulent activity. Some businesses do legitimately stimulate traffic to their premium rate number through legal means, such as advertising. In fact, many reputable charities make use of premium rate numbers or premium rate SMS text messages to raise money. In these cases, the call flow would look something like this:

premium rate call workflow

With this call flow, a business like a psychic hotline or an adult chat line would be able to support itself. However, this is not always the case. It is all too simple for someone looking to make fast money with a premium rate number to hack into an enterprise PBX to create false traffic to their number. A quick search of YouTube for “how to hack a PBX” leads to over 2,500 tutorial videos.

A Sampling of “How to Hack PBX” Videos from Youtube

A fraudster who can hack into an enterprise PBX to make phone calls would have a call flow that more closely resembles this:

pbx hack call flow

It is important to note that in the fraudulent scenario, the enterprise will rarely pay for the fraudulent calls placed using its hacked PBX. Though the service provider may try to collect for the calls, it is rarely successful. Most subscribers to phone services expect fraud to be handled as it is with a credit card. That is, the service provider should be responsible for recognizing fraudulent activity, and the subscriber should not be held responsible for the charges.

Unfortunately, this means that service providers are left to cover the entire bill for the premium rate calls.

How service providers can protect their network from premium rate number fraud

Because service providers are most often the party left to pay for fraudulent premium rate calls, it is essential that they have a solution in place to recognize and stop fraudulent activity in real time. TransNexus solutions effectively eliminate the problems of premium rate number fraud for service providers.

First, TransNexus solutions come pre-loaded with a blacklist of known premium rate numbers. Calls made to these numbers are automatically blocked or re-routed. Second, by monitoring the financial risk of each call as well as factors like call attempts and call duration, TransNexus solutions are able to detect suspicious traffic in real time. If a subscriber suddenly shows a spike in traffic to a high rate destination, the TransNexus solution will send email and SNMP alerts, and may also be set up to automatically block or re-route suspicious calls.

More on TransNexus.com

May 18, 2022

China cracks down on telecom fraud

December 6, 2021

Telecom fraud losses increasing, according to CFCA report

December 1, 2020

FCC Report and Order on one-ring scam calls

November 9, 2020

Domestic telecom toll fraud is still a problem

October 12, 2020

FCC changes rules for intercarrier compensation on toll free calls

January 23, 2020

TRACED Act calls for one-ring scam protection

November 19, 2019

Robocall and TDoS case studies

October 28, 2019

FCC denies stay request on their Access Arbitrage Order

October 28, 2019

Wangiri telecom fraud activity reported in Canada

September 26, 2019

FCC issues order to prevent access stimulation

July 16, 2019

ClearIP adds new call forwarding blacklist capabilities

July 10, 2019

July holiday week telecom fraud attack profiles

June 13, 2019

ClearIP enhancements for blacklisting of SPID and location

May 20, 2019

Anatomy of a telecom fraud attack

May 14, 2019

Study on rule changes to eliminate access arbitrage

May 8, 2019

FCC warns of Wangiri telecom fraud scams

March 8, 2019

SIP Analytics vs. CDR-based fraud management – a case study

October 22, 2018

FCC proposal to curb domestic telecom fraud

September 27, 2018

Lessons learned from call forwarding attacks

Notes

  1. Kent, Joe. “Turning the Tables on Cold Callers.” BBC News. 29 Aug. 2013. Web. 10 July 2014.
  2. “Consumer Deception and Fraud.” Federal Communications Commission. Web. 10 July 2014.
  3. Nias, Simon. “Frip Finishing Warns of SIP Fraud Risk after Falling Victim to £35k Hack.” Print Week. 23 June 2014. Web. 10 July 2014.
  4. Jenkins, Ciaran. “Phone-hacking Scam Costs UK Businesses Estimated £1bn.”Channel 4 News. 24 May 2012. Web. 10 July 2014.
  5. Mitchell, Stewart. “Nine Arrested in IPhone Premium Rate Fraud.” PC Pro. 18 Aug. 2010. Web. 10 July 2014.