Tags Posts tagged with "Bypass Fraud"

Bypass Fraud

0 384

Operators and global industry forums continue to wrestle with the question of whether or not to merge their fraud and security teams/work-groups to cope better with criminals who are breaking in through IP-based networks in order to derive profit for themselves (or their causes), or just to wreak havoc and disruption on their “enemies”.  Fraudsters are not just partaking in the traditional crimes of bypass fraud, roaming, Dial Through, AIT/PRS, Call Selling fraud etc., but also the exciting new stuff…. Phishing, malware, spoofing, DDoS, Trojans etc.

One can be forgiven for thinking that fostering closer links between fraud and security domains is breaking new ground in terms of responding to the threats posed by 4G/LTE, NextGen, the continued growth of e/m-commerce and the proliferation of data passing over networks.   I guess it is a sign of my advancing years that I can’t help feeling that we have been here before…

15 years ago, when I was prepping for an interview for my first job in the fraud management arena, I was listening open-mouthed as a fraud expert was explaining to me the finer points of PBX Hacking.  Thinking back, two things were very clear:-

  1. The Operator in the UK already had a merged fraud and security group (which they later separated out, then subsequently re-merged again, by the way).
  2. The main advice to combat PBX Hacking was prevention, not detection… and that meant security prevention. The operator was keen to tell its business customers that they needed to physically lock away their PBX equipment, protect their passwords, switch off unnecessary/vulnerable services such as DISA/Voicemail, carry out security awareness training for switchboard operators, support staff, suppliers, use barring at switch or extension level, keep PBX call logging records to see hacking attempts before they succeed, shred old copies of internal directories, vet their security/cleaning staff, etc. etc.   The FMS only stepped in when all the prevention activities failed and the PBX was breached.  By the time that happened, operators were already losing money directly, if they were responsible for the switch, or indirectly if their customers were liable.  Customers may have been unwittingly facilitating the fraud by their lack of security awareness etc. but even so, if a small business – used to paying perhaps $1000 a month for calls, suddenly gets a bill for $20000, they are going to fight it, refuse to pay it or be unable to pay it.  The indirect cost to the operator of customer complaints, disputes, potential court cases, damage to the brand, bad publicity, negotiated settlements, debt write-off and churn etc. can cost far more than the original bill.  It was a lose/lose situation… unless you were the fraudster.

These days, with the emergence of 4G/LTE, IP-based Networks, perpetrators are still committing the same underlying crime for the same motives as before, but now they are breaking in through a host of different entry points, wearing better disguises, carrying bigger SWAG bags and using faster getaway vehicles.  In truth, many operators are struggling to keep up with the high number and seemingly unpredictable nature of these attacks.

Security teams are traditionally very good at preventing access to networks, but they are not perfect.  The pace at which network elements, components, interfaces and transactions are increasing is making it impossible for all the preventative measures to be in-situ from day one.  Not to mention the surfeit of off-the shelf tools that fraudsters can use to break in to more and more lucrative areas of daily commerce.

In practice, Prevention alone cannot succeed.  Detection, Analysis and Response are also essential elements of the fraud management cycle.

Cycle

 

So, my point is this…. security and fraud teams cannot operate in silos.  Security teams must continue to try and prevent malicious intrusion as much as possible.  That requires taking in a lot of real-time data from the access points, identifying the nature of the content and the data patterns and quickly blocking anything that looks dubious.  But when the intruder gets in (and they do in their numbers), that is when the fraud team can also play their part.

Whilst the security team controls corporate IT networks, how well can they police the mobile workers and the homeworkers, the tablet users, the App Store/Android Users etc.?  And if you think that profiling subscribers was difficult historically, how much harder is it when you can’t even define what a subscriber is, let alone track their behaviour.  In the new world, the relationship between account holder, subscriber and product/service is not always obvious.  Also, the billing relationships for transactions can be mind-boggling.  Couple this with the speed at which these transactions are taking place and the value of services and content being passed across a proliferation of bearers, and you have a minefield to negotiate.

This is where a good Fraud Management System can supplement an operator’s security tools.  An FMS must now be equipped to take in much larger volumes of data than before, in many different forms and process it much quicker.   Any reputable FMS vendor will now be offering solutions with large scale, flexible data handling tools (including probe / deep packet inspection events), internal/sales partner audit logs/feeds, inline service/transaction monitoring, exhaustive rules engines (real-time, in-line and statistical), subscriber grouping & profiling features, reference data including Hotlists/Blacklists, fraud and device “fingerprinting” capabilities, ID verification, alarm prioritisation and established, flexible workflows, with a range of analytics tools and visualisation features.  All these components – in the hands of an experienced and well-managed fraud operations outfit – will help to choke fraudsters and drive them out to look for easier targets.

So, in summary, don’t let the security guys take all the strain at the prevention stage.  Share the data, share the knowledge and spread the load to the fraud team for a more comprehensive response.

To get more information about Subex Fraud products please click here.

0 142

Last week I spoke at the GSC conference where an august  group of carriers convene to discuss the problems they face and best practices within their organizations.  So apart from being in Windsor one of the loveliest places in the UK and setting aside the fact we had a great treat from a British multinational Operator – a meal at the Guards Museum, Westminster.  What was discussed?

Two interconnected topics ( no pun intended) were top of the agenda item. GIPX and credit control and management.  Here carriers debated whether and how to give smaller players access to their network and how to limit debt liability. British multinational telecommunications services company spoke about their pre-pay component in billing and how that manages debt, predicts traffic and spend and successfully allows (untested) new carriers access. As the provider to them it was great to hear how pleased they are and what practical use the solution gives them.

We had a very interesting talk from the director of the Institute of Credit Management explained his organization’s mission   to educate about the issues of credit, risk and to stress the importance of positive cash flow.  Again this had carriers discussing issues around cash collection and customer management.  Opinion was divided – some leaning backwards in pursuit of the relationship others just pulling the plug when debt became unacceptable. This just reiterates how slightly different this domain is – retail billing  is, you don’t pay – you’re gone ( well there are exceptions in cases of hardship).  This is about carrier relationships and the bi-lateral sessions where carriers sit and negotiate with each other face to face – stresses the complex and often personal nature of the inter- carrier relationships.

The meeting  also  had a great speech from a Belgian Operator discussing Fraud prevention and the problems By Pass and  PBX hacking remain ever constant.

What did I learn?

New technologies offer new opportunities – not really a massive learning point – but more automation, alerting and deeper  MIS gives carriers the capability  to avail themselves  of these new opportunities and as providers of software to them we need to make sure that their days are as easy as possible.

0 418

Sim Box Fraud, Landing Fraud, Grey Routing, VOIP Bypass whatever you may want to call it – Bypass Fraud continues to hurt operators across the globe. As per CFCA, operators lost more than 2.88 Billion USD to Bypass fraud in 2011!!! Imagine operators could have sold 7 million Iphones and 3.5 Million Ipads with that much money.
In the recent past we heard of 2 news involving Bypass fraud in Philippines and Ghana –
A huge bypass racket involving three Taiwanese nationals and a Filipino was unearthed at a condo at Makati City – Manila, Philippines. . Losses for operators ran up to millions of Pesos.
While in Ghana – where operators have lost millions of dollars to bypass fraud, the regulatory body has made it clear that if it discovers any illegally acquired SIM cards being used for SIM Box fraud, the respective telecom operators would be held responsible and made to pay for it
Below infographic highlights the unique approach used by Subex to not only detect Bypass fraud but also detect the root cause and prevent it.

To download pdf, click on the given link Bypass Fraud Infographic

Co-Authors – Ravish P, Nithin G & Ashwini S.

Creative – Shafi

Sources:   http://www.ghanaweb.com/GhanaHomePage/NewsArchive/artikel.php?ID=224287
http://allafrica.com/stories/201112010282.html
http://www.fox979online.com/index.php?option=com_content&view=article&id=78:vodafone-and-police-bust-another-sim-box-fraud&catid=4:business-news&Itemid=4

http://fixed-mobile-convergence.tmcnet.com/news/2012/01/03/6027997.htm

http://www.revector.com/news/raids-sim-boxgsm-gateway-fraudsters-save-mobile-operators-millions

http://archives.myrepublica.com/portal/index.php?action=news_details&news_id=29347

http://www.ossnewsreview.com/telecom-oss/the-berkman-center-defines-bypass-fraud/

http://fixed-mobile-convergence.tmcnet.com/news/2012/01/03/6027997.htm

http://communicationsafrica.com/security/822-150mn-sim-box-fraud-.html

Follow Us