The moving target that is telecoms fraud

Africa is no exception when it comes to experiencing telecoms fraud. The vast continent comprises 54 countries – some have lower-than-average fraud, some higher. But either way, according to PwC, cybercrime is the most disruptive fraud event in telecoms, and this is an industry that is undergoing rapid growth across Africa.

The GSMA reports a continued acceleration in mobile broadband coverage in sub-Saharan Africa, as operators upgrade existing 2G sites to 3G and 4G, the latter now covering almost half the regional population. 2019 was the first year that there were more mobile broadband connections than 2G, as consumers benefitted from more affordable smartphones.

This increasing penetration of mobile connectivity has in turn created more opportunities for the criminals to execute their scams, which impacts both the subscriber and the network operator, stealing billions of dollars in revenue.

According to the CFCA Fraud Loss Survey, the estimated global loss to fraud in the telecoms industry is more than $28 billion.

Here, we look at a number of different fraud types, as well as examining how BICS is working with the telco community to tackle the problem.

Voice fraud

The increase in ownership of mobile phones in Africa leads in turn to an increase in mobile roaming between countries, and therefore opens up more opportunities for criminals to benefit.

Subscribers can be tricked into unwittingly generating huge bills while forcing operators to pay out call termination charges.

Roaming fraud is where fraudsters get hold of SIM cards and use them from overseas markets to call international revenue share numbers. It takes a minimum of three to four hours for the call records to arrive back at the home network for analysis – time that the criminals use to fully exploit this revenue stream.

SIM box fraud, on the other hand, is where illegal international voice-over-IP (VoIP) calls are diverted on to local mobile networks. The criminals benefit from the international call charges, but as the call appears to be local, the operator is only paid for a local rate call.

Wangiri fraud – so named after the Japanese word for 'one ring and cut' – is where a missed call from an unrecognized but visible number lures consumers to return the call. The call-back incurs a high price-per-minute call as well as high interconnection fees, thus swelling the bank accounts of the fraudsters, while abusing the end users and their mobile operators.

At BICS we are leveraging our position at the heart of global communications to help telecoms operators tackle these types of fraud. Powered by crowdsourcing information from hundreds of operators worldwide, our FraudGuard fraud detection platform can automatically block all calls to known fraudulent numbers and analyze global traffic in near real time.

This creates a complete overview of fraud trends to inform operators' decisions. To further enhance the service, operators can share details of detected network fraud, to contribute to a constantly updated 360-degree view of attempted fraud.

SMS fraud

BICS works with many operators looking to monetize SMS, and mitigating fraud is key to protecting revenues. Criminals can hack an operator's SMS center or even take control of it at the signaling level. They could potentially send malicious traffic all over the world, soliciting consumers to make calls to premium numbers, or infecting their phones with malware facilitating further fraud.

SMS bypass fraud capitalizes on the different routes that international text messages can take to reach their destination. The cost varies depending on the route. Dishonest SMS aggregators take advantage of this to exploit illegal or unauthorized – known as grey or black – routes to deliver messages at the lowest possible rates, thereby stealing legitimate termination revenues from mobile operators.

Implementing firewalls to protect SMS centers from the hackers, and to ensure aggregators cannot bypass set routes is a crucial step in tackling this kind of fraud. These SMS bypass routes are costing the industry $2 billion each year, almost 12% of the total market value. The true cost is likely to be far higher: anecdotal evidence suggests that grey routes represent around 40% of international SMS volumes in some regions.

An African operator in the Southern Africa region was receiving more than 80% of all international SMS via grey routes. This resulted in lost revenue that ran into millions of euros over several years.

In East Africa, a major operator was the victim of malpractice by local aggregators who were abusing their interconnection by sending international A2P SMS traffic over a local connection. BICS' Local SMS Firewall successfully addressed the issue by blocking international traffic on local links and diverting all international A2P traffic to the official route.

The global nature of the telecoms market makes life easier for the criminal and makes successful prosecutions extremely difficult. Added to this, a further constant challenge for the network operator is that types of interconnection are proliferating.

Today, it is no longer simply mobile network to mobile network; communications service providers need to consider the cloud and IoT networks with their billions of connections, so identifying, tracking, and tackling fraud means always chasing a moving target.

Fraudsters are extremely clever, highly organized, and will always exploit the weakest link. Therefore, the telecoms community must work together, to tackle the common threat and invest in innovative solutions to fight it. Telecoms networks that are not equipped with the highest quality security, insights and fraud protection will be the softest targets.

— Clémentine Fournier, Regional VP Sales, Africa, BICS

This content is sponsored by BICS.

*Top image is of Clémentine Fournier, Regional VP Sales, Africa, BICS. (Source: Supplied)