How Has COVID-19 Changed Fraud?

In the age of COVID 19, businesses have become more reliant on telecommunications services as their employees and other processes operate remotely. Traffic volumes to call centers have risen. Staff sizes have shrunk. Consumers face new threats and new fears. All of these factors present multiple opportunities for fraudsters. And the fraudsters have given an appropriate response.

Recently, the Global Leaders Forum (GLF) and Delta Partners Group surveyed executives from leading operators around the globe about the effects of COVID 19 on their operations.

They found the following:

In general, fraudsters' tactics have evolved and become more sophisticated over the years as the volume of telecommunications traffic steadily increases.

Also, the number of fraud attacks on certain traffic flows, such as international voice, has noticeably increased in volume due to COVID-19.

In short:

As traffic volumes rise, the number of fraud attacks also rises and the COVID-19 pandemic has exacerbated this effect.

It's also important to note that as people face economic hardship and lose jobs or their income drops, crime rates often rise, in general. It could be argued that the economic hardships brought on by COVID-19 pandemic had a major impact on increased levels of fraud of all kinds, including in the telecom industry.

Let's take a look at all of this, in detail.

Telecom fraud has become harder to prevent as fraud tactics evolve and each year the amount fraudsters steal in a single attack grows. The COVID-19 pandemic has only amplified many of these losses.

Consider the following stats from 2019:

• In 2019, a single fraud scheme called Interconnect Bypass cost the global telecommunications industry a whopping $2.71 billion in losses.
  
• Total global revenue losses to telecom fraud in the same year amounted to $28.3 billion.

Using these figures, we can calculate that 1.86% of global telecom revenues may have been lost to fraud in 2020.

The telecommunications industry generated an estimated $1.5 trillion in total revenue in 2020.

By considering the revenues of major providers like AT&T, Telefonica and Vodafone, we can put this into perspective and see how much each company may have lost to fraud amid the Coronavirus pandemic.

• AT&T: With $171.8 billion in annual revenue in 2020, AT&T's potential loss to fraud was $3.1 billion.
• Telefonica Group: $49.2 billion in annual revenue equates to a potential revenue loss of $915 million.
• Vodafone Group: With $50.0 billion per year, Vodafone may have lost $930 million to criminals.

While these numbers from 2020, alone, are staggering, the amount that fraudsters take each year continuously rises and has been amplified by the COVID-19 pandemic.

But how, exactly, has telecom fraud changed throughout COVID-19 and what impact has the pandemic had on telecom fraud?

COVID-19 has presented new opportunities for fraudsters to both raise the volume of successful attacks and adapt current techniques to the new circumstances presented by the pandemic.

SMS and voice phishing tactics have been rebranded to prey on peoples' fears of breaking lockdown orders, financial instability and more.

Let's look, in detail, at how the fraudsters have responded to the COVID-19 pandemic.

As reported by Total Telecom, a recent industry survey of operator experiences during the pandemic revealed the following:

• 75% of telco operators are experiencing new incidences of fraud
  
• 61% said network security threats have increased or significantly increased since the start of the COVID-19 pandemic.
  
• 47% said fraud events have been increasing or significantly increasing
  
• 55% said they plan to adopt new approaches to interactions with customers
  

According to the GSMA's Fraud And Security Group (GSMA FASG), fraudsters have also come up with COVID 19-themed attacks, targeting consumers and employees who have been at home during the lockdown.

Criminals have also taken up manipulating financial, commercial and official government campaigns amid COVID-19 via messaging and voice channels.

For example, as the volume of calls rises, the number of PBX (Private Branch Exchange) hacks has increased.

Here are some specific examples of how fraudsters have responded to the pandemic:

The volume of voice phishing attacks has risen in several countries as people are spending more time at home. GSMA FASG expects it to increase as lockdowns continue and people remain working remotely from home.

In China, specifically, fraud-call complaints amid their lockdown included:

• Criminals impersonating government officials or sales staff from pharmaceutical research companies
  
• Fraudsters trying to sell counterfeit medicine
  
• Impersonating Red Cross and other charity staff to solicit donations
  
• Falsely claiming that a loved one has been infected or isolated and soliciting money for hospital fees or other financial assistance
  

Such attacks generally target consumers.

Operators polled in the GSMA FASG study also observed that Robocall strategies have adapted to COVID-19 themes. The volume of calls offering testing, protective equipment, job opportunities, loans and more have reportedly increased significantly.

Operators are faced with the task of promptly identifying originating numbers and blocking them. Though this isn't as easy as it seems.

The most common problem here is accurately identifying which numbers to block. Some governments at various levels have been using automated calls to provide important COVID-19 messages to their constituents.

In some cases, these legitimate calls have been blocked. As a result, they are creating call registries to minimize incorrect labeling of legitimate robocalls. However, it's an inefficient approach that can't detect all illegitimate calls with 100% accuracy. Some scam calls continue to get through.

Due to the global lockdown, while employees working from home and governments have implemented travel and retail restrictions, operators around the world have observed that the volume of the following fraud schemes has substantially fallen:

• Subscription fraud
  
• Roaming fraud
  
• SIM swap
  
• Handset subsidy fraud
  

However, operators around the world have observed an increase in the volume of other fraud schemes:

• PBX fraud
  
• Arbitrage
  

The GSMA FASG could not definitively conclude whether or not the volume and strategies of other fraud attacks like International Revenue Share Fraud (IRSF) and SIM box fraud have changed. However, traffic to specific countries has increased without any explanation.

However, the use of PBX fraud to carry out IRSF has marginally increased, likely due to the lack of people on physical premises.

The pandemic has created another opportunity for PBX fraud and similar schemes. Companies are extending their VoIP network beyond their local networks and connecting remote workers via SIP (Session Initiation Protocol) clients to their corporate PBX.

As is usually the case when a company swiftly deploys new infrastructure or services, there is the possibility of misconfiguration, lack of sufficient testing and other important security measures are overlooked. This leaves several communication avenues vulnerable to attacks.

In terms of arbitrage, there has been a large response from fraudsters who have taken advantage of increases in mobile network operator data allowances and tariff changes.

Operators around the world have observed a rising degree of roaming data charging bypass.

There have been many changes in usage patterns and volumes on both fixed-line and mobile communication lines. Firstly, as I mentioned before, there has been a significant increase in voice and data usage and domestic usage patterns are becoming more active during the day, rather than the evening.

Usual business traffic has decreased due to employees now working remotely.

Typical call length patterns are changing as well.

All of this has resulted in another problem. Since some machine-learning fraud management systems use pattern recognition to detect and prevent fraud, these systems have become less reliable. They must be 're-trained' to attain pre-pandemic efficacy levels.

Fraud is changing its shape amid COVID-19. Some operators have experienced a rise in specific fraud attacks while others have seen a decrease. It may even be argued that the rise and fall of different fraud schemes has resulted in a rate of fraud growth that is consistent with usual circumstances, despite the worldwide lockdown.

The COVID-19 pandemic has, nonetheless, shaken operators and made them more vulnerable in areas where they weren't before. Unexpected spikes in specific fraud attacks and new circumstances have caught them off guard and left them vulnerable while the criminals continue to steal billions of dollars each year.

The fraudsters' tactics remain resilient and adaptable and fraud is, in any case, rising..

The obvious question many operators have been asking is, 'how can we stay protected?'.

Fortunately, we now have the tools to stop telecom fraud completely, regardless of the extra pressure COVID-19 is putting on our industry.

With a sudden rise in fraud attacks amid a harrowing global pandemic we have, for the first time in the history of telecommunications, a means to not only minimize fraud, but to completely stop all forms of telecom fraud in their tracks, once and for all, and establish a global fraud-free community.

This makes it an exciting time to be a part of this industry.

The one consistent factor in each of these fraud schemes mentioned above is in their call details in the registry.

Every time a fraudster infiltrates a call chain and manipulates a call in any way, a discrepancy between the originating and terminating call details emerges. Our ability to stop telecom fraud depends entirely on our ability to detect manipulations to these call details and cross-validate them in real-time.

This is the revolutionary principle on which AB Handshake operates. Its beauty is in its simplicity and effectiveness.

The solution is a game-changer for the industry since it can detect even the slightest signs of a fraud attack and stop it in real-time before a call is connected.

Here's how it works:

Each time an inbound or outbound call is initiated, its details are sent to a call registry where a series of hi-tech processes take place to prevent telecom fraud and ensure the security of the call:

1. Once a call is initiated, the call registry uses the E.164 numbering plan to route a validation request, which reaches the terminating network before the actual call does.
   
2. Next, the call undergoes cross-validation from both networks to detect even slight forms of manipulation
   

This system ensures protection from every form of telecom fraud and provides no false positives.

In short, any operator using the AB Handshake solution for validating their voice traffic can rest assured that all such traffic is completely free from fraud, regardless of whether we are amid a global pandemic or not.

The AB Handshake vision is to not only protect operators and consumers from unexpected shifts in the telecom landscape that create opportunities for fraudsters to attack, such as in the case of the COVID-19 pandemic.

The AB Handshake vision is of a global community of operators working in a completely fraud-free community.

The more operators that join the AB Handshake community, cross-validating call details in real-time and blocking attacks before they happen, the wider the fraud-free community becomes, eventually leaving the fraudsters with nowhere to go.

To make such a vision a reality, the AB Handshake team ensured that their solution would be both affordable and quickly integrated into the default settings of any operator's system anywhere in the world.

To learn more about the solution and integration, feel free to have a look here.