Call Stretching & Short Stopping - Fraudsters Targeting Premium Rate Destinations

Total telecom revenue lost to Short Stopping and Call Stretching attacks around the world amounted to $4 billion in 2021. Total telecom-related losses in the same year amounted to $39.89 billion - a 28% increase on the year before. As the years pass, telecom fraud steals enormous amounts of revenue from operators worldwide and these two dubious telecom fraud schemes are key factors.

These two fraud schemes not only steal revenue, but they increase customer churn, create unresolvable dispute tickets and trigger country-wide blockages of entire numbering plans. Callers can't reach family and friends in these destinations and the terminating operators there lose major revenue due to lost traffic.

Local operators in high termination rate destinations like the Maldives, Algeria, the European Union and elsewhere are particularly vulnerable. But unfortunately, unlike spam calls, the industry hasn't seen much of a response from regulators.

As Call Stretching and Short Stopping attacks become more prevalent in specific regions of the world, the prospects for preventing them become dimmer and dimmer. But call validation technology has changed this.

To understand the impact of Call Stretching and Short Stopping and how to stop it, we need first to understand the mechanism of how these fraud schemes work.

What is Call Stretching and Short Stopping?

First, we'll explain Call Stretching and why it's so difficult for a traditional FMS to stop. Here is a definition of Call Stretching fraud:

Let's imagine that a call originates in Canada and terminates in Cuba, a premium rate destination that charges $0.50 per minute. To more clearly understand this scheme, let's compare the process of connecting and billing for a legitimate call to one hijacked by Call Stretching.

Legitimate Call

In a legitimate call, three wholesale transit carriers each collect, for example, one cent per minute for connecting a call from Canada to Cuba. The Cuban operator (B Operator) eventually charges $5.00 for the 10-minute call.

Each carrier then charges the next carrier in the routing chain on down the line until the A Operator pays the full amount for the total duration of the call.

Here's what happens when the same call is hijacked by Call Stretching fraud.

Hit by Call Stretching

This call also starts as a legitimate call from Party A to Party B, lasts five minutes, and the Cuban operator charges $2.50 for the entire duration of the call.

At the five-minute mark, a fraudulent transit carrier disconnects Party B in Cuba while simultaneously keeping Party A on the call. The Fraudster substitutes the real voice of Party B with either a recording of the conversation or some other recorded content. A wide variety of recordings are used. The goal is to dupe Party A into believing Party B is still on the line, and keep them on the call as long as possible.

The recording may even ask the caller to remain on hold while the called party is taking another call.

So, from the five-minute point of the call onward, the fraudulent carrier will bill the preceding carrier for excessive seconds or minutes that Party A remains connected. (at the rate the Cuban operator charges – $0.50 per minute). The profit for these illegitimate minutes flows directly into the pocket of the fraudster.
Remember, Operator A and Operator B have no idea the call was disconnected. Both operators are unaware of the fraud taking place.

Short stopping is based on the same principle, but the hijacking occurs before a call connects.

Short Stopping

Short-Stopping is more widely known than Call Stretching. Simply put:

Here, scammers use similar tactics to those used in Call Stretching to keep callers on the line and rack up charges.

Sometimes, the caller will hear a false ring tone or a fake announcement, such as: "The person you're dialing isn't responding. Please try again later". In other cases, the fraudster plays a message such as, "Hello? Hello? I'm having trouble hearing you. Please hold on…" etc.

Since these recordings often sound real, callers might not even be aware that the fraud has occurred until they get an enormous bill for calls to a destination they never dialed.

The common thread in both schemes is the abuse of premium rate destinations. As a result, terminating operators and the people trying to call friends and family in these destinations are most affected.

High Rate Destinations Targeted by Call Stretching and Short Stopping

Here is a non-exhaustive list of countries and regions vulnerable to Call Stretching and Short Stopping:

• Falkland Islands (€1.17 /min)
• Seychelles (€0.48 /min)
• Cuba (€0.50 /min)
• Chad (€0.42 /min)
• Maldives (€0.62 /min)
• Tunisia (€0.59 /min)
• Algeria (€0.61 /min)
• European Union (€0.13 - €0.40 /min)

Without an accurate and reliable way of detecting and stopping these fraud schemes, many operators turn to the desperate measure of blocking the entire numbering plans of such countries.

The local terminating operators then lose immense revenue due to lost traffic. Callers simply can't reach anyone in these countries. The impact is multifold.

Impact of Call Stretching and Short Stopping

These fraud schemes impact end-users, originating telcos, terminating telcos and entire countries.

Losses to End Users

In addition to being blocked from calling the numbering plan of entire countries, end-users face other problems. These include immense frustration and exorbitant bills for calls to countries they never dialed.

They also experience the unsettling feeling of having their privacy violated when they realize their private conversation was recorded. In times when data privacy is one of the main concerns worldwide, this is especially unacceptable.

Losses to Originating Telcos

At some point, end-users begin filing complaints and dispute tickets. Of course, the parties that have to handle these complaints, in addition to the financial loss from the fraud itself, are the originating operators.

Without any way to identify the source of the fraud, they waste resources trying to resolve the disputes, face enormous costs, and ultimately face a dilemma – either foot the bill for their customers or face immense churn.

There is yet another problem: the end-users' tickets are translated to the downstream operators participating in routing these calls, which leads to other trouble ticketing and payment disputes. Both procedures take up valuable resources on each side.

Losses to Terminating Telcos

As we mentioned above, terminating operators both in high rate destinations as well as those elsewhere lose massive amounts of traffic and the corresponding revenue. This is due to shorter call durations, calls being rerouted to other destinations and a loss of international traffic from country-wide blockages.

So, why do traditional fraud management systems struggle to detect and stop these attacks? Let's have a look.

Challenges in Stopping Call Stretching and Short Stopping

In short, detecting these attacks with a traditional FMS is akin to finding a needle in a haystack. I'll explain.

A traditional FMS is designed to analyze traffic for widespread patterns in a massive amount of calls and other more substantial indicators of International Revenue Share Fraud.

A traditional FMS scans for typical call patterns such as unusual volumes to unusual destinations, low answer-seizure ratios (ASR) and unusual ACD, massive amounts of simultaneous calls to and from certain ranges and more.

It's a bird's-eye view detection, so to speak.

With Call Stretching, the connection and initial conversation are completely legitimate, but the ending of the call is fraudulent. With Short Stopping, the initial call is also legitimate. These calls simply aren't detected by such models because the fraud hides in legitimate phone calls.

Moreover, the fraudsters embed themselves in millions of phone calls globally while keeping their per-call profit small enough to remain "off the radar" of detection. Detecting such attacks is a bit like trying to find a "needle-in-a-haystack".

Wild West of Voice Traffic

Another problem is the absence of transparency in the area of the call chain handled by transit carriers. This 'region' is often thought of as the 'Wild West' of voice traffic because transit operators can mostly do what they wish with the traffic they receive, without being detected.

A fraudulent transit carrier may hijack a call and reroute it. They can cut the call and 'stretch' it. Has the originating operator been charged for a legitimate call duration? Have they been charged for the same call duration the terminating operator issued a bill for?

The call details of the originating and terminating operator may be relatively transparent and easily accessed by each operator. And when a call is hijacked, discrepancies appear in these call details. But the only way of knowing any of the above events have occurred is to cross validate these call details between the originating and terminating operators.

Additionally, when an end-user files a dispute ticket after the fact, there's no way of efficiently inspecting the call details to determine where the problem occurred.

By connecting operators worldwide and providing the means to cross validate call details in real-time before a call connects, we can immediately detect Call Stretching and Short Stopping as they occur and block these calls before they connect.

This is exactly the principle on which the AB Handshake solution operates.

Block Call Stretching and Short Stopping Attacks - AB Handshake Solution

This technology is a game-changer in telecom fraud prevention. This lean system offers a comprehensive solution for stopping Call Stretching and Short Stopping attacks.

Here's how it works.

1. When a call initiates, the originating network records key call details to Call Registry A. The details are many, including the A and B numbers and a time-stamp for each event of the call: start, connect, end.
2. The terminating network delivers their respective call details to Call Registry B.
3. Both call registries simultaneously exchange encrypted messaging via the internet to cross-validate the call details.

Even the slightest discrepancy can mean only one thing – fraud.

Such a call is immediately flagged as fraudulent and operators have the choice of either blocking it before it connects, or allowing the call to get through (as is sometimes appropriate). As a result, 100% of all Call Stretching and Short Stopping attacks are stopped.

100% Fraud-Free Community

The traffic of any operator equipped with the AB Handshake solution is guaranteed to be 100% free from all Call Stretching and Short Stopping attacks as well as all other voice fraud. The system also guarantees no false positives, which is a key issue in fraud prevention.

As more and more operators join the fraud-free community, the portion of fraud-free traffic grows while the volume of unsecured traffic shrinks, leaving fraudsters with nowhere to go. If adopted around the world, it can eliminate voice fraud on a global level.

What About Integration Costs?

When designing this technology, the team behind AB Handshake understood that no such vision could be realized if it wasn't easily integrated and affordable for any operator around the world.

The AB Handshake solution can be easily integrated into the default settings of any operator's native system. It can work in harmony and as a supplement to any company's existing fraud management software and requires no upfront CAPEX.

The pay-as-you-grow model ensures operators of any size in any country can integrate the system at a rate that fits their budget and fits within the cost structure of the local market.

Eliminate Call Stretching and Short Stopping on Your Network Today with AB Handshake

By eliminating Call Stretching and Short Stopping, terminating operators in premium rate countries and regions can recover billions of dollars in lost annual revenue. However, the benefits of eliminating fraud reach beyond financial recovery.

Transparency along the entire call chain results in more effective dispute resolution. Fewer security breaches result in a more pleasant customer experience, stronger customer loyalty and decreased churn. Country-wide call blocking and other outdated, ineffective and costly methods of fraud detection can be abandoned. And much more.

The AB Handshake solution already validates live traffic to every country in the world. More than 200 operators worldwide already have their traffic monitored by the solution and we are actively onboarding more operators from all locations.

AB Handshake’s ability to validate calls in real time directly agrees with the ITU CxO meeting 2023 consensus: global real-time validation is required and must be rapidly explored for a meaningful global defense.

Explore the ITU CxO meeting 2023 communiqué for a comprehensive overview of the world's most urgent telecom security themes.

If you're ready to join the AB Handshake community today, or if you have any questions, feel free to contact us here. One of our onboarding specialists will respond today.