Telecom fraud detection
VoIP is about convergence, saving money and resources. However, these types of systems also create more inroads for attack.
As VoIP has become more accessible and popular, security threats have grown as well. The most prevalent threats to today’s VoIP deployments are rooted in traditional data networking and PSTN attacks. Today, VoIP devices are the primary tools used by fraudsters. In the first half of 2012, 46% of fraudulent calls were made from VoIP phones.
What constitutes VoIP fraud?
We consider VoIP fraud to be the use of a VoIP telecommunications network with the intention of avoiding payment. In that sense, the payment may be incorrect, entirely lacking, or the attempt to force another party to pay. We consider both illegal activities and those activities which, though technically legal, may still hurt telecommunications companies by taking advantage of systems and vulnerabilities.
Whom does VoIP fraud affect?
VoIP fraud can affect any organization which uses or sells VoIP services. In most cases, the fraud target is an enterprise. Most enterprises never realize that they have been hacked, refuse to pay the fraudulent charges and threaten to switch to a different service provider. The SIP service provider has little leverage over its international long distance vendors and is left to cover the bill.
However, in some cases, service providers will demand the enterprise pay for fraudulent charges. This was the case in a 2009 when Michael Smith, a small business owner in Massachusetts, found that someone had hacked into his PBX to make $900,000 worth of calls to Somalia. AT&T attempted to sue Smith for $1.15 million to recoup the cost of the calls and interest. Though AT&T eventually dropped the charges, a spokeswoman for the company maintained that they had been entitled by law to collect the amounts owed, and that Smith should have put more safeguards in place to protect his phone system.
VoIP fraud can and does occur in any industry. Certain industries, such as banking, tend to attract more fraud than others. A recent study from Pindrop Security found that nine out of the top ten banks, and 34 of the top 50 banks had been victims of call fraud.
Where does VoIP fraud come from?
VoIP fraud comes from all over the globe. Traditionally, Africa has been a “hot continent” for telecom fraud, because the termination costs are very high and regulation is not as stringent as in other parts of the world.
However, a 2011 study from the Communications Fraud Control Association (CFCA) found that the top five countries from which fraud originates are the United States, India, the United Kingdom, Pakistan, and the Philippines. The top five fraud terminating countries were Cuba, Somalia, Sierra Leone, Zimbabwe, and Latvia.
How big of a problem is VoIP fraud?
VoIP fraud is a significant and growing problem in the telecommunications industry. Because fraudsters often attack during weekends, fraud events often go undetected for many hours. A single fraud event can easily cost a company between three and fifty thousand dollars. In many cases, this number can be even larger.
A 2009 attack on an Australian company’s VoIP PBX resulted in 11,000 international calls in just 46 hours, leaving the SIP provider with a bill in excess of $120,000. A 2011 weekend episode in South Africa resulted in a bill of over $12,000 and another in the US cost victims more than $1.4 million.
Experts have trouble estimating an aggregated global yearly loss, because calculations are often based on subjective and individual standards. However, most experts agree that total loss is somewhere between 3 and 10 percent of income. This translates to a total global losses of somewhere between 30 and 50 billion dollars per year. The CFCA’s 2011 report put the number at $40.1 billion dollars lost.
This is a problem that is only increasing. According to the CFCA report, phone fraud is growing at a rate of 29% per year. As the popularity of VoIP continues to grow, the problem of VoIP fraud will become an increasing threat to the industry.
TransNexus VoIP fraud detection solutions
TransNexus has developed a number of solutions to detect fraud in VoIP networks. NexOSS, in addition to its already industry-leading least cost routing features, effectively eliminates the problem of traffic pumping fraud for VoIP providers. The solution is to include smart monitoring features that sense when there is an unusual spike in call traffic to a specific destination. When a suspicious spike occurs, the NexOSS system simply and automatically puts a temporary block on the route, ensuring that fraud losses are kept to an absolute minimum without interrupting legitimate calls.
TransNexus solutions analyze CDRs or RADIUS records, and can identify fraud by IP address, or by group or user id. TransNexus has partnered with top industry leaders like Acme Packet, MetaSwitch, and Broadsoft to ensure that the solutions operate smoothly with any network.
More on TransNexus.com
February 15, 2023
Suggestions to curb access arbitrage
June 27, 2022
FCC proposes new rules to prevent access stimulation
June 6, 2022
Denial of service attack and ransom demand defeated
May 18, 2022
China cracks down on telecom fraud
December 6, 2021
Telecom fraud losses increasing, according to CFCA report
December 1, 2020
FCC Report and Order on one-ring scam calls
November 9, 2020
Domestic telecom toll fraud is still a problem
October 12, 2020
FCC changes rules for intercarrier compensation on toll free calls
January 23, 2020
TRACED Act calls for one-ring scam protection
November 19, 2019
Robocall and TDoS case studies
October 28, 2019
FCC denies stay request on their Access Arbitrage Order
October 28, 2019
Wangiri telecom fraud activity reported in Canada
September 26, 2019
FCC issues order to prevent access stimulation
July 16, 2019
ClearIP adds new call forwarding blacklist capabilities
July 10, 2019
July holiday week telecom fraud attack profiles
June 13, 2019
ClearIP enhancements for blacklisting of SPID and location
May 20, 2019
Anatomy of a telecom fraud attack
May 14, 2019
Study on rule changes to eliminate access arbitrage
May 8, 2019
FCC warns of Wangiri telecom fraud scams
March 8, 2019
SIP Analytics vs. CDR-based fraud management – a case study
October 22, 2018
FCC proposal to curb domestic telecom fraud
September 27, 2018
NexOSS is a comprehensive suite of software applications that save money and improve efficiency in managing VoIP telecom networks. It’s ready-to-go with Secure Telephone Identity using STIR/SHAKEN.Learn more