VoIP telecom fraud threats increase

April 10, 2014

According to the Federal Trade Commission, telecom fraud accounted for 34% of fraud complaints in 2012, up from 20% in 2010. These numbers continue to grow, as new technology has led to an onslaught of new telecom fraud tactics.The latest schemes are difficult to tract and investigate because of their frequency, their layers of anonymity, and their global nature.

Cisco’s 2014 Annual Security Report points to these new tactics, along with a worldwide shortage of skilled security professionals, as a proof that that the threat of telecom fraud has reached its highest level since 2000.

Simple attacks that caused containable damage have given way to organized cybercrime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims. One of these new telecom fraud schemes is known as wangiri fraud.

Wangiri, in Japanese, means “one-and-cut.” That is, one ring and a cut off phone call. A wangiri phone fraud scheme relies on this single-ring method for a quick way to make money. A fraudster will set up a computer to dial a large number of phone numbers at random. Each rings just once, then hangs up. This leaves a number as a missed call on the recipients’ phone.

Users often see the missed call and believe a legitimate call was cut off, or are simply curious as to who called, so they dial the missed number. The number turns out to be a premium rate number—anything from advertising to “free prizes” to sex services.

Another new tactic is called toll free fraud. Toll Free fraud can affect any business that uses a toll free number. In this scheme, a fraudster will typically make a profit-sharing agreement with a CLEC. He will then use VoIP technology to make multiple calls to a toll free number—often that of a large corporation.

The CLEC will perform a dip to the SMS 800 database, and then transfer the call to another network for termination, earning something like 1.5 cents per minute in switched originating access fees. The fraudster will then navigate the automated IVR prompts, avoiding connecting to a live operator.

These calls are often left up for hours at a time and automated so multiple calls will be made at once. When large companies, like financial institutions, are targeted, they frequently don’t even notice the huge charges racked up by toll free fraud, even though they are expensive, long calls.

An annual report from Pindrop security puts the average potential loss from a telecom fraud attack in 2013 was $42,546. What is more distressing is research from the Aite Group, which found that only 23% of institutions surveyed track and quantify fraud losses.

There are solutions on the market now that can help companies not only detect, but also stop telecom fraud. SDReporter from TransNexus is one such solution. SDReporter monitors and prevents telecom fraud. SDReporter integrates with your existing Oracle Acme Packet, BroadWorks, Cisco Call Manager, or Metaswitch platform by collecting and analyzing call detail records (CDRs).

When suspicious traffic triggers a fraud alert, SDReporter can send an Open Communications Interface -Provisioning (OCI-P) command to a BroadWorks switch to block the calls or divert them to customer service. An E-mail or Simple Network Management Protocol (SNMP) alert is sent to the Network Operations Center (NOC) with the details of the fraud trigger.

The NOC can view the details of the alert from the SDReporter web interface and unblock the calls if needed with one click. The impact of a single fraud event can overwhelm a business, and few businesses have the expertise to harden their telephone systems to prevent telecom fraud attacks. SDReporter is that is intuitive and easy for our technicians to use to detect and stop telecom fraud.