International Phone Fraud Tactics

This article outlines two different types of international phone fraud. The first can happen when you call an expensive country like Cuba:

My phone call never actually made it to Cuba. The fraudsters make money because the last carrier simply pretends that it connected to Cuba when it actually connected me to the audiobook recording. So it charges Cuban rates to the previous carrier, which charges the preceding carrier, which charges the preceding carrier, and the costs flow upstream to my telecom carrier. The fraudsters siphoning money from the telecommunications system could be anywhere in the world.

The second happens when phones are forced to dial international premium-rate numbers:

The crime ring wasn't interested in reselling the actual [stolen] phone hardware so much as exploiting the SIM cards. By using all the phones to call international premium numbers, similar to 900 numbers in the U.S. that charge extra, they were making hundreds of thousands of dollars. Elsewhere -- Pakistan and the Philippines being two common locations -- organized crime rings have hacked into phone systems to get those phones to constantly dial either international premium numbers or high-rate countries like Cuba, Latvia, or Somalia.

Why is this kind of thing so hard to stop?

Stamping out international revenue share fraud is a collective action problem. "The only way to prevent IRFS fraud is to stop the money. If everyone agrees, if no one pays for IRFS, that disrupts it," says Yates. That would mean, for example, the second-to-last carrier would refuse to pay the last carrier that routed my call to the audiobooks and the third-to-last would refuse to pay the second-to-last, and so on, all the way back up the chain to my phone company. But when has it been easy to get so many companies to do the same thing? It costs money to investigate fraud cases too, and some companies won't think it's worth the trade off. "Some operators take a very positive approach toward fraud management. Others see it as cost of business and don't put a lot of resources or systems in to manage it," says Yates.

Posted on December 6, 2016 at 6:15 AM • 12 Comments

Comments

Peter KnoppersDecember 6, 2016 8:23 AM

All involved phone companies make money from being part of this pipeline. Therefore they have every reason to continue being not so innocent bystanders in these fraud cases.

As soon as you find a way to take away those profits (and slam on some punitive damages), it will stop.

Clive RobinsonDecember 6, 2016 9:53 AM

As @Peter Knoppers points out,

All involved phone companies make money from being part of this pipeline.

The method by which they do this is in effect a "double tap" where there is two fees payed one for a call leaving a network and one for connecting to a network. And they accumulate along the pipeline.

This obviously alows network operators to cheat each other as there is no central accounting, just edge reconcilliation. It also means that due to increasing competition it usually means little or no money actually changes hands compared to that the network supposadly charges.

In part because the old way of doing the charging was via metering pulses, which in the past you could sometimes hear in the background on longdistance high rate calls.

However since the mid 1990's few if any still used metering pulses as it occupied bandwidth and became overly complex to operate.

In fact in the UK back then when mobile phones were still a bit of a novelty Bruce's old employer BT was accused not just of abusing it's position in the market but operating these frauds...

Basicaly BT argued that they had to pay the mobile operators "full" connection fee for a minimum of a minute or more, even though the call did not compleate to the mobile subscriber. So people were paying the equivalent of around $7.50 (in todays terms) just to get engaged pulses. So the UK regulator made noises, and all of a sudden Voice Mail was being made "free" BUT... They kept the ring time very short (around 10-15 secs originaly) so that calls would get connected, even if it was just to VM. This became very lucrative for the likes of BT which was the encumbrant POTS as well as the other mobile network (and the VM computers for both were in effect the same).

BT also got called over the coals for their "long distance" charging. Basically "long distance" nolonger had any meaning in the way BT routed calls around it's network. You could phone a friend in the next dial code (local call) but rather than lose revenue via the short distance exchange line being at capacity, they would route the call halfway around the country (long distance) to connect. Whilst this might sound nice for the customers, it ment BT could cut back on service provision making network outage more likely as was found on the odd occasion when say tickets for concerts of very popular artists went on sale and what to most customers minds compleatly unrelated parts of the network blocked and failed.

It got to the point where even MPs were heard to make comments of the form "The only justification BT has for long distance charging is the extra ink on the bill they try not to send you!".

So when you hear telco executives saying that something can not be done, you can be fairly certain that it's not for technical reasons, what they actually mean is "it would reduce our unjustifiable profit scheme". To call the telco executivrs "crooks" would be unfair to actual criminals.

So don't hold your breath on the execs changing their profit schemes any time soon to prevent what for them is quite lucrative fraud...

Which is also why they have faught tooth and nail to stop VoIP over the Internet, and now are desperate to kill off "net neutrality" oh and in the US going to court to stop "municipal supply" of Intetnet access... The more you find out about Telco Execs the more you are going to feel repulsed by their behaviour.

Uncle Joe StalinDecember 6, 2016 10:27 AM

The NSA does not care about massive phone frauds. Funny how they can get all up in the business extra-judicially of some political targets foreign and domestic with drones and all but not protect our own population from billions of damage from fraud gangs.

The NSA are probably actually Russians or Chinese evil doers trying to damage credibility in our exceptionally pure and principled government.

stevenDecember 6, 2016 11:39 AM

Telephone numbers should have been replaced by public key fingerprints already. Then, the calling party can authenticate they reached the intended recipient, and the caller's telco has proof of that when billing them.

Being able to authenticate the calling party is another nice side-effect; also the ability to encrypt the call end-to-end...

ramriotDecember 6, 2016 12:04 PM

The articles last lines almost made me spit out my coffee:-

After this episode, my workplace’s phone company said it would change the carrier it used to reach Cuba. I tried the number again this week: “El numero que usted solicita, no esta asignada a una morada.” Then in English: “The number you are calling has not been subscribed.” And the call ended, like it should have.

I called again, just to be sure. It rang for a while, the error messages played, and then: “The whole farm was deeply divided on the subject of the windmill.”

VickyDecember 6, 2016 6:11 PM

> Telephone numbers should have been replaced by public key fingerprints already.

Sure, and we already have the requisite PKI: e164.arpa with DNSSEC. But telephone companies are mostly dragging their feet, because actually delegating your number's DNS to you would be tantamount to putting themselves out of business—you'd just publish records giving the various *free* ways to contact you!

Really, fixing the traditional voice network is a lost cause, but there's no clear alternative and telcos are taking advantage of that. I can open a 56K data stream to almost any country for free, but which of the 20 proprietary protocols/services shall I use? Telcos have been taking an active role too, with punitive data transfer limits on cell networks.

MrPuckDecember 6, 2016 9:09 PM

My major annoyance is CallerId. If you're like me you NEVER answer a cell phone call from an unknown caller. Yes, I have a polite answer about leaving a message and I'll call you back. Guess what? NOBODY leaves a message. Occasional messages about listeria in the local hummus or maybe free flu shots at the local drug store. My smart phone is just another firewall.

I believe you can fix the telcos. If they don't play along you cut them off. What is wrong with international standards for communication? It's Net Neutrality for common carriers.

BrunoDecember 7, 2016 3:01 AM

Multiple companies, no central authority ... surprising no one already mentioned Blockchain.

Jim AndrakakisDecember 7, 2016 5:13 AM

@MrPuck : agree. My pet hate is when callerid is not being passed on. As a Greek living in Switzerland, this happens a lot to me. I call friends, relatives etc. and instead of my mobile number (+41-7X-YYYYYYY) being displayed, they get all sorts of nonsense like "no callerid", 4- or 5- digits (!) or even unrelated local (!!!) numbers.

AdamDecember 7, 2016 5:14 AM

I should think this sort of fraud is very easy to stop - require phone users to opt into the international countries they wish to direct dial. Perhaps certain "trusted" countries are always opt-in and its only those on a black list which require explicit permission. In addition, cap the international call cost to some reasonable monthly total (unless owner opts out again) and simply disconnect calls if the total is reached.

It shouldn't be hard either to flag suspect fraudulent or premium / high-cost calls and make users listen to a short message telling them the country they're ringing, the cost of the call and to hang up now if they don't want to make the call.

These are simple measures and they would diminish the value of the fraud. So not only do they stop fraud they stop the theft of phones that feeds into the fraud.

DroneDecember 11, 2016 4:12 AM

A warning to readers of the linked article on The Atlantic:

In Para.-7 of her article, Author Sarah Zhang lays blame for the telephone fraud she encountered when calling Cuba (a notoriously difficult and expensive place to call) in her statement:

"Global capitalism abhors a vacuum."

This is a nice example of a Far-Left Ideologue taking any opportunity to inject anti-capitalist propaganda, no matter how wrong or false.

"Global Capitalism" (a non-existent thing to begin with in my opinion) is NOT the reason Ms. Zhang was ripped off. Criminals are!

Actually one can make an even stronger case:

Socialist-Marxism and the poverty & corruption history proves it inevitably causes is what really creates the service vacuum in Cuba which results in high telephone tariffs that attract criminals.

If Ms. Zhang's article is so ideologically biased, can you trust anything it contains? No, you can't. That is why Journalists used to be taught about the importance of Objectivity.

Biased, untruthful, fake garbage like this constantly leaking into what the Mainstream Press & Media regurgitates every day is what leads the thinking U.S. public to distrust everything they see, hear and read these days.

Shame on you Sarah Zhang; and shame on you The Atlantic for letting her get away with what she is doing. Try hiring a well educated Journalist next time, not some miscreant that popped out of a festering Communist Indoctrination Camp (a.k.a., a U.S. Public University).

N.B., From past experience, sending an opinion to The Atlantic is equivalent to tossing it into the trash. I could find no way on The Atlantic's site to contact the Author Sarah Zhang directly, and commenting publicly to her online-published article requires signing-up and divulging personal information, which as a private citizen I am unwilling to do.

Wasi KhanMay 23, 2017 10:02 AM

"Some operators take a very positive approach toward fraud management. Others see it as cost of business and don't put a lot of resources or systems in to manage it," this is what needs to improve. If a service provider doesn't take the pain to investigate the crime and invest in resources for aligning system management then the risk factors will definitely increase. Or else how is the end-user suppose to protect themselves from such severe fraudulent activities?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.