Pandemic boosted telecoms fraud in 2020 – and it’s still rising

Telecom and cyber fraud are bigger and more profitable than the narcotics trade. What are operators doing about it asks Kate O’Flaherty?

Europol reckoned cyber-telecoms fraud is bigger and more profitable than the illegal narcotics trade, and the telecom industry agrees. Fraud is an increasingly complex issue, which can result in hefty financial losses for mobile operators. So what are operators doing about it, and what more needs to be done to tackle the growing problem?

Covid-19 spam

Fraud constantly evolves, so it’s challenging to keep up with and ahead of criminals. Fraudsters were quick to exploit Covid-19, with the topic appearing frequently as part of spam messages, says Simeon Coney, Chief Strategy Officer, Adaptive Mobile Security. His company’s Covid-19 spam tracker identified a spike starting around February 2020.
 
In particular, SMS fraud surged throughout the pandemic, says Katia Gonzalez, Head of Fraud Prevention and Security at BICS, which offers fraud prevention services to mobile operators.

In addition, she says: “We are seeing more omnichannel attacks, with scams no longer only focusing on one single telco service, such as SMS. Instead they’re spread across services in an attempt to hit a wider number of users and increase the fraudsters’ chances of success.
 
“Today, fraud attacks often focus on scamming end users, instead of trying to directly monetise telco transactions, says Gonzalez. “We are seeing a new focus on end users with the goal of obtaining direct payments or personal data, which can then be used to perpetrate many other scams and monetised on the dark web.”
 
CLI (caller line identification) spoofing – where an attacker hides their identity to make it appear as if the call is coming from elsewhere – is proving very difficult to address, she continues.

A costly issue

Telecoms fraud is a costly issue for mobile operators, partly because they are usually forced to bear the cost themselves. Europol estimates this amounts to €10.6 billion (£9 billion) a year.
 
That’s without taking into account the damage to their brand and reputation.
 
Usage-based fraud – where fraudulent traffic is artificially generated or ordinary, legitimate traffic is manipulated – continues to be the biggest issue across mobile data, SMS, and voice globally, according to Finn Kornbo, Executive Product Director, Digital Wholesale at CSG.
 
Usage-based voice fraud is causing some of the greatest losses in the form of revenue-share fraud through enterprise private branch exchange (PBX) hacking, which continues to have a high financial impact across regions, he says.
 
In tandem, roaming-related fraud, including zero-rated fraud, is causing “significant damage” to many mobile operators, impacting their ability to drive new revenue, Kornbo says.
 
Although there are multiple options to help operators mitigate fraud, the amount being done by operators covers a wide spectrum, according to Coney, “From those doing very little, to those working to implement the necessary technology to block fraud.”

Tackling telecoms fraud

Across the industry as a whole, a lot of work is being done to tackle telecoms fraud. In October this year, UK operators committed to a nine-point fraud charter. Key actions stemming from the charter include identifying and implementing techniques to block scam calls and share data across the industry; and plans to block smishing texts.
 
The charter also outlines plans to work with organisations in the financial services sector to perform strength checks around SIM-swapping, where a mobile number is moved to a new provider to commit fraud.
 
The impetus is there, but execution may not be as straightforward due to the complexity of networks and protocols that govern them. “While these are strong aims, implementation is slow and difficult,” says Matt Ettelaie, a Senior Manager in KPMG UK’s Cyber Defence Services practice.

“Telecommunications networks are complex and interconnected, based on well-established protocols, such as SS7. These legacy protocols were developed with uptime and interoperability in mind, not necessarily security,” he adds.
 
As the attack landscape continues to diversify, criminals can exploit critical weaknesses in signalling protocols such as SS7 and Diameter to carry out fraud. Positive Technologies’ researchers found vulnerabilities in all the networks they tested.

UK lags US

In addition, in contrast to the US which has already developed improved protocols, UK operators’ aims will take much longer to become reality.
 
“The implementation of techniques such as caller ID authentication using new technical standards such as the STIR-SHAKEN approach will take the UK industry time to test and deploy before they can be effectively used,” Ettelaie says.

He points out that some updates are not scheduled to be completed until 2025, when the UK telephone network swaps to all IP from analogue.
 
For now, UK operators are currently focusing efforts on quick, technical solutions and intelligence sharing that can begin to mitigate some, but not all, fraud, Ettelaie adds.

Making fraud difficult

It’s never going to go away, so fraud must be addressed with a combination of technology such as systems that can detect and mitigate fraud, and global collaboration between operators. For now, as the fraud landscape continues to diversify beyond Covid-19, it’s important that the industry works together to tackle the issue.
 
Collaboration within the industry has increased during Covid-19, and this has been instrumental in fighting some of the devastating SMS attacks during the pandemic, says Gonzalez. “Hopefully this will encourage all parties to collaborate further, particularly across borders, and increase efforts to fight back against fraud.”