VoIP Fraud: Why it Happens and How to Stop it

A salesman at a Bangor, Maine auto parts store arrived at the office on the morning of February 22 and noticed that all 11 of the company’s phone lines were lit up. As he was the first to arrive, and the only person in the building, he knew that something was amiss. As it turned out, the company’s private branch exchange (PBX) had been hacked. In a single night, the hackers had racked up a long distance bill that was roughly double the company’s average monthly phone bill. A similar incident was recently reported by a Los Angeles software company, which found that scammers had hacked into its PBX and placed 4,390 long distance calls in under an hour (that’s over 150 calls per minute).

Fraud in the VoIP industry is on the rise in 2012. A recent report from a watchdog group, the Australian Competition and Consumer Commission (ACCC), detailed over 83,000 fraud complaints in 2011. That is nearly double the number of complaints from 2010, and quadruple the number from 2009. Fraud is common in industries across the board, but has become a startling issue for VoIP carriers and providers. In fact, the ACCC estimates nearly 20% of the fraud complaints it received in 2011 involved hacking in the telecommunications industry.

 

Unfortunately, these incidents are not uncommon. In fact, these companies were lucky to have someone catch the fraud in a matter of hours. Most enterprises that are victims of VoIP fraud never realize that they have been hacked, and VoIP providers sometimes do not catch the problem for days. According to Jim Dalton, CEO of leading VoIP management software provider TransNexus, a single fraud event can cost a VoIP provider anywhere from $5,000 to upwards of $50,000. Revector, a U.K.-based fraud management company, recently reported that some telcos are losing up to $150 million per year in fraudulent calls. The ACCC reports that in Australia alone, fraud losses have increased a stunning 35% from 2010.

Why are VoIP providers suddenly being targeted for fraud? There are several contributing factors. First, hackers have become more sophisticated as the VoIP industry has grown into a major player in the telecommunications field. Rather than breaking into trunk lines, hackers are targeting individual customers’ PBXs. Once they gain access to a PBX, they begin calling international premium-rate services to generate revenue.

Hackers take advantage of lax international communications standards and regulation. In many third world countries, it is relatively easy to set up a conference server and strike a deal with the local telephone company. Because VoIP does not require much specialized equipment, there is little barrier to entry for a potential scammer.

Finally, scammers have learned that there is often little to no security oversight for many VoIP customers. “The fraud occurs Friday and they don’t know it until Monday, when they come in and see a million calls to Ivory Coast,” or some other location, Dalton said. An alarming number of companies never even realize that they have been the victims of VoIP fraud until they see the bills. Few enterprises are willing to pay for the fraudulent charges, so SIP providers are left to pay for the damage.

In a widely publicized incident last fall, the FBI arrested four hackers in the Philippines in connection with an organized attack on the clients of US telecom giant AT&T. According to the New York Times, the group’s efforts cost AT&T over two million dollars – charges that the telecoms giant likely passed on to the smaller provider telcos.

New solutions are being developed to stop VoIP fraud. TransNexus has pioneered fraud detection software for VoIP in the past year. In January, TransNexus announced the addition of a fraud detection module in its flagship NexOSS product, already an industry-leading solution for least cost and quality of service routing. This module works by detecting spikes in customers’ call traffic, and automatically blacklisting suspicious routes – temporarily suspending them from the routing table. “We live and die by our fraud detection reports,” said Jay Cox, Director of Telecommunications Management at Appia Communications, a recent NexOSS customer. Since implementing the new system, Appia has been able to quickly detect fraud events.

TransNexus unveiled a new version of its popular SDReporter product with new fraud detection features at the COMPTEL PLUS Spring 2012 Convention & EXPO, held in San Francisco, CA. SDReporter is a comprehensive reporting package designed to analyze quality of service (QoS) statistics and Call Detail Records (CDRs) reported by an enterprise’s SBC or PBX. With the latest release, SDReporter will also be able to recognize potential fraud events in near real time, and send automatic email or SNMP alerts, stopping potential scammers in their tracks.
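
The spike detection and temporary route suspension described above can be illustrated with a small sliding-window check over CDRs. This is an added example, not code from NexOSS or SDReporter; the CDR layout, the thresholds, the customer name and the sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)     # assumed sliding window
MAX_CALLS = 20                    # assumed ceiling per customer/route in one window
SUSPEND_FOR = timedelta(hours=1)  # assumed length of the temporary suspension

def detect_spikes(cdrs):
    """Replay CDRs in time order and return (alerts, rejected).

    Each CDR is a tuple (timestamp, customer, destination_prefix).
    A route is suspended for one customer once the call count in the
    window exceeds MAX_CALLS; calls during the suspension are rejected.
    """
    recent = defaultdict(deque)   # (customer, prefix) -> timestamps inside the window
    suspended_until = {}          # (customer, prefix) -> time the suspension ends
    alerts, rejected = [], []
    for ts, customer, prefix in sorted(cdrs):
        key = (customer, prefix)
        if suspended_until.get(key, ts) > ts:
            rejected.append((ts, customer, prefix))
            continue
        window = recent[key]
        window.append(ts)
        while ts - window[0] > WINDOW:   # drop calls older than the window
            window.popleft()
        if len(window) > MAX_CALLS:
            suspended_until[key] = ts + SUSPEND_FOR
            alerts.append({"time": ts, "customer": customer,
                           "prefix": prefix, "calls_in_window": len(window)})
            window.clear()
    return alerts, rejected

def sample_cdrs():
    """Constructed sample: steady domestic traffic plus an overnight burst."""
    start = datetime(2012, 2, 22, 1, 0, 0)
    normal = [(start + timedelta(minutes=10 * i), "cust-a", "1207") for i in range(12)]
    burst = [(start + timedelta(minutes=30, seconds=i), "cust-a", "225") for i in range(30)]
    later = [(start + timedelta(hours=3), "cust-a", "225")]  # after the suspension ends
    return normal + burst + later

if __name__ == "__main__":
    alerts, rejected = detect_spikes(sample_cdrs())
    for a in alerts:
        print("ALERT", a["time"], a["customer"], a["prefix"], a["calls_in_window"])
    print("rejected during suspension:", len(rejected))
```

A fixed ceiling is the simplest form of spike detection; a production system would normally compare against each customer's own traffic history and send the alert by email or SNMP rather than printing it.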