According to the recent Communications Fraud Control Association Report, in 2021 $39.9 billion in revenue was lost to telecommunications fraud. In the United States alone, 74 million telco customers already had their data leaked to the dark web before the end of the first quarter of this year. Unfortunately, these threats are not subsiding any time soon.
The third and fourth quarter of the year is prime time for telecommunications fraud. Why? It’s the holiday season. In fact, the average number of suspected digital fraud attempts during Thanksgiving and Cyber Monday was 82% higher globally than during the rest of 2022.
Of course, we regularly detail the insidious effects of promo abuse and the dark side of discounts across sectors, especially over the holiday season. The reason for this is simple; online retailers (including telecommunication providers) continue to underestimate the threat of promo abuse. This is despite it fast becoming an issue that not only impacts operational costs, but also strains customer relationships, damaging a business’s brand reputation.
Unfortunately, promo abuse is just one concern for the telco industry this holiday period. As the new product and upgrade launch cycle for smartphones gets underway and consumers look to retailers for the latest and greatest deals and discounts, let’s investigate the latest fraud trends affecting the telco industry.
5 types of telecom fraud to look out for:
International Revenue Sharing Fraud (IRSF)
IRSF is one of the biggest, most persistent types of telecommunications fraud. In fact, IRSF has grown six-fold over the past decade, with total losses going from $1.8B in 2013 to $10.76B in 2022.
In this type of telco fraud event, a fraudster leases an international premium rate number, hacks a business’s phone system and artificially inflates traffic to the number. The huge phone bills are then paid by the hacked business and the attacker diverts funds, sometimes up to 25%, to themselves. Because these calls are often made outside of business hours, especially holiday times and weekends, companies do not realize they have been attacked until the phone bill arrives.
Subscription fraud across the telecommunications industry occurs when a bad actor uses a stolen or synthetic identity to purchase mobile devices and subscribe to contracts and services with no intention of paying. This type of telco fraud is considered one of the hardest and most expensive to prevent. In fact, in South Africa alone, subscription fraud contributed 30% to overall revenue loss across the industry.
There are a few reasons subscription fraud is such a problem:
- The proliferation of synthetic identities.
As the fastest growing fraud trend across the United States, synthetic identities are made up of real, but stolen PII combined with falsified credentials. With an increased surge in data breaches across all sectors, organized fraudsters are able to not only easily steal identities and bypass KYC checks put in place by telco companies but sit on the stolen customer information until they are ready to use it.
- Opportunity for fraud convergence
Given smart smartphones are employed as the key contact point for verification (such as passcodes via SMS), mobile accounts are now considered a fundamental part of an authentication trail for other industries, especially financial services. Therefore, it’s easier than ever for bad actors to not only scam the telco company but also the customers themselves in order to access their financial information.
- Account takeover fraud
Regardless of what any online retail merchant sells, if they enable customers to create online accounts, they open the doors to possible account takeover fraud. Unfortunately, telcos are particularly vulnerable due to the fact that multiple accounts being needed by businesses offer more opportunities for fraudsters to impersonate and take over. Indeed, the CFCA reports that $1.62 billion was lost to account takeovers during their last survey.
Sim Swapping Attacks (SIM Jacking)
SIM jacking involves fraudsters accessing a customer’s SIM info and using it to gain access to a customer’s accounts by pretending to be them, porting their phone number to a new SIM card. Sim swapping attacks lead to hackers stealing multi-factor authentication codes, which, in turn, give them access to the victim’s most secured accounts.
This past January a cybercrime group was discovered, reported to have been active since June 2022. By impersonating IT staff at various telecom providers, the fraudsters were able to gain employees’ trust, convincing them to grant access to their accounts and part with their passwords. Then, they simply sim-swapped for financial gain.
“Wangiri” or one-ring and cut scams involve a victim returning a missed call and getting re-routed to a premium rate number overseas (subsequently charged for the expensive call). Usually, this scam happens during work hours or at night, as the call needs to be “missed.”
Not only does the caller incur the cost, but the telco can also, through customer dissatisfaction. The CFCA estimates $US1.82B lost to robocalls (6.4% of global fraud!) In fact, a use-case is given of a major telco operator who lost $US348M to fraud in 2019. Of that, $US22.4M was lost to Wangiri fraud, alone. It was estimated that, by acting against it, the telco could have reduced the cost of customer complaints by 20 percent.
What are the solutions for telco providers?
When it comes to fraud mitigation, the CFCA report found 88% of providers indicate that their telco businesses are using CDR-based fraud detection. A CDR analysis provides access to real-time SIM box activity for telco fraud protection. Unfortunately, monitoring CDRs alone is not enough. Therefore, it is recommended that telecommunication providers also monitor signal records, as fraud coverage can be increased and time to detection reduced by doing so. Unfortunately, according to the CFCA, only 36% of providers currently do this.
Meanwhile, industry experts are calling for innovative technologies such as artificial intelligence, machine learning and identity verification. Indeed, implementing a fraud prevention program that leverages AI, ML and data analysis is a great option. These technologies are particularly impactful when it comes to detecting and stopping telco fraud during peak holiday seasons and beyond.
Strike the balance between fraud prevention and customer experience
Because the creation of fictitious accounts, along with multi-accounting, is such a key component to telecom fraud, the ability to identify new accounts whilst weeding out fraudulent ones is vital. Robust, dynamic identity verification data enables providers to quickly distinguish good customers from bad actors. Better still, with the right data insights, providers can make informed, confident decisions while offering a frictionless customer experience.
Indeed, offering a poor user experience in this competitive digital economy means losing business. This is due to a whopping 68% of all ecommerce customers abandoning their carts. However, letting just anybody through isn’t the answer, especially when approving bad actors means losing big time (remember that $39.9 billion dollars in lost revenue cited in our opener?) Furthermore, declining good customers come at an even greater loss, with 2022’s estimated loss to merchants due to false declines hitting $645 billion.
At the end of the day, the best approach to fraud prevention is a layered one that employs a customizable, automated identity verification solution that bases analysis on authoritative identity data. Before a new customer opens an account or transacts, this approach will assess the legitimacy of the identity before advancing them through the appropriate validation workflow. This not only improves customer satisfaction, with low-risk identities enjoying a seamless onboarding or transaction. It also cuts down on manual review times (a big problem during peak sales periods) by only instigating the costly and time-consuming for high-risk identities.
Want to know more about how you can detect and prevent telco fraud this upcoming holiday season? Get in touch with an Ekata expert today.