I recently had the great pleasure of meeting senior fraud management experts from the major US network operators at the WeDo Conference held in Washington, DC, but what they had to say about fraudulent activities on networks around the world was most concerning.
They were all active in the Communications Fraud Control Association (CFCA), a not-for-profit global educational association that is working to combat communications fraud. By promoting a close association among telecommunications fraud security personnel, CFCA serves as a forum and clearinghouse of information pertaining to the fraudulent use of communications services.
One of the highlights of the event was a presentation by Adam Panagia, director at AT&T's Global Fraud Management team. He is responsible for safeguarding the assets of AT&T through prevention, detection and deterrence of fraudulent activity perpetrated against AT&T and its customers.
Adam presented the results of the CFCA’s 2015 Global Fraud Loss Survey that highlighted just how big an issue fraud has become, not just in lost revenues for the networks but also highlighting the sometimes lax approach to law enforcement in this space and the potential use of misappropriated funds for criminal activities.
64 CSPs worldwide of all sizes and types were surveyed, i.e. wireless, wireline, broadband, and narrowband CSPs providing voice, data, financial services, content distribution and Internet of Things (IoT).
Almost 50 percent of respondents reported over 100 fraud incidents per month and a little more than half of those over 1,000 per month! However, compared to 2013, more than twice as many CSPs stopped reporting cases to law enforcement – because 45 percent perceived lack of interest or understanding by law enforcement to take the cases on .
Since 2013, respondents are spending 15 percent more time detecting and investigating fraud and less time working with Security/Physical, Law Enforcement, Customer Service, Sales/Marketing, Revenue Assurance and Billing.
Another interesting trend is that compared to 2013, approximately 10 percent of fraud departments have moved from under Operations & Security to Finance (almost 60 percent). Fraud Departments were also reported in other areas including Revenue Assurance, Legal, Audit, Network Engineering, Roaming and Routing, even Customer Care!
In 2015 the top five fraud methods detected in company were PBX Hacking, IP PBX Hacking, Subscription Fraud (Application), Internal Fraud / Employee Theft, Subscription Fraud (Identity) but CSPs reported abuse of network, device or configuration weakness and account takeovers as the growing threats.
Globally, in-network frauds are mainly International Revenue Share Fraud (IRSF); Interconnect Bypass (e.g. SIM box); Premium Rate Service; Domestic Revenue Share (DRSF) and Wholesale Fraud.
For roaming it is International Revenue Share Fraud (IRSF); Interconnect Bypass (e.g. SIM box); Premium Rate Service; Arbitrage and Device/Hardware Reselling.
When asked what percentage of global telecom revenue was lost to fraud 55 percent believed it was between 1 and 4 percent. When asked what percentage of their company’s revenue base was fraud 59 percent thought it was less than 2 percent - but of greater concern was that 27 percent believed it to be between 2 and 3 percent.
This level must be a major concern for C-levels, so focused on maintaining margins and cutting costs, because it represents a massive loss direct from the bottom line.
But what will it for law enforcement, so reliant on CSPs to help them track down other criminals, to want to help capture and jail the fraudsters.
Perhaps it will be the issues raised in this article that telco fraud is a burgeoning sub-economy and in this article that it may be funding terrorist activities that will get the attention of governments.
In the meantime, give a thought to those fraud managers fighting a never-ending battle against an agile foe that keeps on finding better ways to commit fraud and steal money. Fighting fraud is much like fighting forest fires – you put one out in one place and another pops up nearby.
 (Note: Fraud losses were weighted based on CSP size to avoid bias created when small and large CSP responses were combined.)