Why Is It So Hard to Prevent a Wangiri 2.0 Fraud Attack?
Wangiri 2.0 fraud poses a significant challenge to telecom security. Unlike regular Wangiri fraud, Wangiri 2.0 has only one "leg" of voice traffic — the callback. This means there's only one chance to block this fraud.
Another issue is the volume of these calls. Individual users can and do ignore calls from unfamiliar numbers, so in the original Wangiri fraud scheme, the scammers have to generate an enormous volume of calls to get a significant number of callbacks. These "waves" of calls are more likely to trigger a fraud management system that identifies unusual patterns.
Companies, on the other hand, can't simply ignore contact form submissions for fear of missing out on a potential customer or creating a negative customer experience for a legitimate contact.
Therefore, the callback rates with Wangiri 2.0 fraud are much higher than in the original scheme. The scammers don't need to generate as much voice traffic and can spread the traffic out, allowing them to remain under the radar of traditional anti-fraud systems that analyze patterns. This makes it difficult to detect and stop a Wangiri 2.0 fraud attack.
Furthermore, due to the scope of their activity, it usually takes longer for companies to notice the unusual charges and take action. This challenge is compounded by the fact that many companies outsource customer service to call centers that don't typically have sophisticated fraud management systems. These companies are often unable to identify the contacts on the bot-filled forms as fraudulent and instead attribute them to poor sales conversion.
Due to these difficulties, Wangiri 2.0 fraud detection remains a challenge for traditional fraud management systems. All types of companies, from international financial organizations to online stores, regularly fall victim to this type of telecom fraud. Once the call has been made, there isn't much the company can do. Telecom operators generally refuse to refund the costs, claiming that the call was made willingly and that the service was fully rendered. The victimized companies are forced to absorb the costs.