Telecommunications providers are vital to the everyday function and operations of businesses, governments, and individuals. By providing a connection to the Internet and enabling phone calls and messages, telecom companies play an integral role in our everyday lives.
One of the major emerging risks is the prevalence of fraud, largely due to the fact that many telecommunications companies have been slow to deploy risk operations departments. Losses were either absorbed or passed on to the repo business. However, telecom operators are increasingly inclined to meet their unique fraud challenges head-on. Let’s examine them in detail and see what tools can help.
What Is Telecommunications Fraud?
Telecommunications fraud, also known as telco fraud or telecom fraud, includes any kind of activity designed to abuse and gain an advantage over telecommunications companies using deception (fraudulent practices).
This includes IRSF fraud (International Revenue Sharing Fraud), where fraudsters abuse premium phone rates, and interconnect bypass fraud, a form of arbitrage between operators’ call rates.
How Does Telecommunications Fraud Work?
Because telephony is the largest and oldest deployed network in the world, fraudsters have long developed tools and practices to exploit it to extract value. The financial cost of loss due to telecommunications fraud was approximately $38 billion in 2023, representing a 12% increase in 2021.
And while fraud attacks usually evolve quickly over time as companies squash them, telco fraud is unique as it’s often taken as a given. Its costs are absorbed by operators, who would rather not embark on integrating complex risk management systems into their architectures.
Adding to the challenge is the fact that telecom companies also break down their services to resell them to local networks and carriers — a £4/$5 billion industry in the UK alone.
As the technology to run your own mobile network becomes more widely available, large telecom operators are becoming targets of fraud indirectly, making it harder to identify.
5 Types of Telecommunications Fraud
Let’s look at the most common types of telecommunication fraud attacks operators should know about.
1. International Revenue Sharing Fraud (IRSF)
International Revenue Sharing Fraud, or IRSF fraud, takes advantage of premium phone rates, which are then dialed unwittingly by users. It is by far the biggest fraud challenge for telecom operators, costing the industry an estimated $4 to $7 billion a year, according to Verdict. This is how it works:
Bad agents sign up to lease a premium phone number.
They break into a business’s phone systems and call that number.
The business pays as much as $1 a minute, 25% of which goes into the fraudster’s pockets.
Businesses may suddenly find themselves with astronomical phone bills for calls they do not recognize. The calls often happen outside working hours, and companies only realize they’ve been made when it’s time to foot the bill.
It doesn’t help that there is a lack of regulation in this area. Unlike card payments, where the chargeback process can protect the person whose credit card was stolen, there is no such thing in the telephony world.
2. Wangiri Fraud
From the Japanese meaning “one and cut,” Wangari telecommunications fraud involves striking curiosity in customers by calling them, letting the phone ring once, and hanging up. The customer will often ring back, unwillingly calling an expensive premium number that the fraudsters control. According to the latest data, Wangari scams cost the economy a significant $2.23 billion a year.
This type of telecommunications fraud was the second most reported type in 2021, and the CFCA survey also noted a year-on-year increase. An SMS variant of this also exists, where fraudsters send a message prompting customers to call back a certain number or even text it.
Spikes in traffic to high-cost destinations are typical red flags for this kind of telecommunications fraud, which telcos should be able to monitor with their internal systems. The key here is to know that, as a business, you should keep an eye on which numbers are automatically dialed.
This isn’t limited to telcos. Any company where phone calls are essential for finding leads or customer service could do well to deploy a simple reverse phone lookup tool to protect itself whenever someone is asked to dial back an unknown number.
3. Interconnect Bypass Fraud
Interconnect bypass fraud, also known as SIM box fraud, takes advantage of a termination rate to make cheaper phone calls. The CFCA estimates that it costs telecom operators $3.11 billion in lost revenue per year.
To understand it better, let’s look at a scenario with two operators in different countries:
A customer of Operator A calls a customer of Operator B.
Operator A charges its customer a fee per minute.
Operator B charges Operator A a fee for providing the call to its customer.
The last charge, where the call ends, is called the termination rate. These rates vary wildly depending on the contracts between the two operators. Some of them are expensive, others are close to zero.
This is where a fraudulent operator comes into the picture. They reroute these international calls using a SIM box or GSM gateway, effectively hijacking the connection to achieve cheaper termination rates. They are essentially making long-distance calls much cheaper, but the caller pays the same price – so the fraudster telco pockets the difference.
This also impacts telecom customer satisfaction because more often than not, the quality of these calls will be inferior to standard international calls.
4. Telecom Arbitrage Fraud
Arbitrage is the general practice of capitalizing on price differences. In the telco world, these differences appear in the long-distance rates between countries.
Just like international bypass fraud, it can lower the international cost for customers but also open the door to fraudulent companies that insert themselves between operators. They claim to connect directly from country A to B, whereas, in fact, they go through a cheaper-rate country to make the call.
5. PBX Hacking
Private Branch Exchange (PBX) hacking allows fraudsters to take control of phone lines by exploiting unsecured phone networks. A PBX is a private phone network that connects to external networks. It’s what allows companies to share lines and to reduce the number of numbers needed in an office, for instance.
Many of these PBXs are IP-based, making them easy targets for hackers. Hackers log into the system and use it to their advantage—for instances of IRSF fraud mentioned above. This is a cybersecurity and IT issue that can be avoided with better internal controls and password security.
Conclusion
The telecommunications industry is not immediately linked with fraud, yet there are multiple issues with fraudulent activity in the sector. Rather than including safety integrations into existing architecture, network providers opt to absorb the costs associated with fraud. With various types of fraud being committed, users are encouraged to remain vigilant and stay abreast of the latest developments in fraud.
