Summary Bullets:

• Telecom operators need to focus upstream on the network by strengthening their ‘know your customer’ (KYC) processes, focusing on incident reduction, and reducing illegal network entry.

• Network heads need to devise innovative measures utilizing fraud analytics on call data and fraud scenarios and implementing third-party tools with automation and machine learning.

The Impact of Telecom Fraud on Operator Revenues
In terms of figures, organizations like the Communications Fraud Control Association (CFCA) have estimated total global telecom revenues to be in the $1.8 trillion region in 2021, with telecom revenue loss due to fraud to be estimated at 2.22%, resulting in $39.89 billion losses. With this in mind, telecom fraud is a major issue for telecom operators.

However, there is a paradox for telcos. On one side, telcos have been benefiting from the rise in voice and data traffic, but the downside is that it has resulted in increased telecom fraud on the network in a similar fashion. In addition, the large increase in telecom fraud can also be attributable to gaps and vulnerabilities in voice and data services delivered in the pandemic with operators implementing changes in services and checks.

The Types of Telecom Fraud Committed
The types of telecom fraud at the network level vary with a number of fraud types that are emerging. Telecom fraud can also be defined as a process or activity illegally taking advantage of the network using deception through fraudulent means. Fraud types include, but are not limited to, international revenue sharing fraud (IRSF – i.e., where fraud is committed on voice and SMS), interconnect bypass, PBX hacking, traffic pumping, deposit fraud, smishing/SMS phishing, SIM jacking/swapping, and account takeover, to name a few.

However, from the number of types of fraud that exist, recently there has been a particular increase in IRSF with operators losing between $4 billion to $7 billion. In this type of fraud, criminals unrealistically inflate traffic to international premium rate numbers (IPRN). Secondly, interconnect bypass fraud (i.e., SIM box fraud) has also been on the rise and highly damaging to operator revenues, where attackers use a variety of least cost call termination techniques to divert international calls to avoid termination costs. The third fraud type that also is making headway is subscription fraud, where fraudsters utilize fake identification on contracts.

Lastly, GlobalData’s discussions with telecom operators has highlighted the emergence and increase of vishing attacks on services, where scammers with fake profiles contact genuine users over the phone with a view of persuading them to release personal information.

Considerations for Telecom Operators
The sheer loss in revenue operators are experiencing has made them be more proactive and invest time, resources, and money into tackling telecom fraud. But it’s still very much a cat-and-mouse game. Also, the sheer volume of fraud committed and the complexity in nature really requires governing regulators to take a more active role. As operators put it to GlobalData:

“We can only do some much, and to really address vishing, the regulator needs to drive a consortium of different players in the value chain and in government, making funding available.” – Operator A

“There’s cross board issues, inadequate processes, and tools in the identification fraud on call data.” – Operator B

There’s no doubt that the impact of telecom fraud on revenues is driving the issue at the board level, and networking heads are tasked with implementing different solutions to reduce fraud. There’s also a need for greater intervention from independent regulators and associations like GSMA in driving efforts through a consortium approach, as well as making available government funding to help operators on programs and initiatives.

However, from a strategic perspective, operators should place effort across the following as part of their strategy to combat telecom fraud:

• Greater Participation: Greater involvement in consortiums, discussions with regulators, and other operators to promote innovation, share ideas/approaches that have worked, and promote fraud information dissemination.
• Bring Telecom Fraud Closer to Cybersecurity: Telecom fraud is still kept in insolation and limited to the network department by operators as a whole. As cybersecurity across any business (including telcos) takes precedence and comes into play with risk management, telecom fraud will be critical to operators’ overall success. Therefore, it needs to be brought into the overall cybersecurity strategy at the network and enterprise levels.
• Greater Use of Third-Party Antifraud Solutions: Tools/service providers have developed strong solution offerings, bringing in greater automation and machine learning as well as fraud analytics capabilities on call data and fraud scenarios. These can be leveraged more both by operators and enterprise customers.