Telecommunications or telecom fraud is a fast-growing field of criminal activity and a low-risk alternative to traditional methods of financial crime, costing today’s world some US$32.7 billion (€29 billion) annually, according to a joint report published Thursday by Europol’s European Cybercrime Centre and Trend Micro, a Taiwanese cyber security and defense company.
“Telecommunications fraud is another example of criminals ‘hacking the system’ in order to abuse legitimate enterprises for criminal gain,” said Steven Wilson, Head of the European Cybercrime Centre.
“While this is not a new crime area, it does represent a new challenge for many law enforcement agencies throughout the European Union,” he continued.
The Cyber-Telecom Crime Report 2019, which serves as a technical guide for stakeholders in the telecoms industry, supplies the basics of how telecom fraud works, outlines the most common forms such fraud takes and provides suggestions to telecom companies for how they can prevent and detect criminal activity.
Telecoms fraud is the abuse of telecom products (primarily telephones and mobile phones) or services with the aim of illegally siphoning away money from either a telecom service provider or its customers. Perpetrators of such fraud attempt to gain access to SIM cards or other billing portals to enter the customer or carrier account, “where debt can be incurred in favor of the attacker,” the report details.
“This victim debt is the criminal revenue,” the report’s authors explain.
Telecom fraud can take a wide variety of forms. “Vishing calls” are a phone scam in which criminals trick victims into revealing their personal, financial or security information or into transferring money to them.
International Revenue Sharing Fraud (IRSF), the most financially damaging fraud, involves transferring monetary value from one carrier to another, relying on inter-carrier trust between multiple telecom companies.
Telecom fraud, the report says, “is increasingly originating in countries normally considered ‘third world’ or failed states,” and is more and more “being used to prop up failing economies.”
While most traditional financial crime has to circumvent Anti-Money Laundering Audit Controls (AMLAC), these regulations are not present in telecoms crime, where SIM cards are used instead of banks. Cheap and easily accessible hacking equipment helps drive the rise of this low-risk fraud.
The report notes that the costs of most telecom fraud is absorbed by the telecom companies themselves, which hinders transnational intelligence sharing and prevents more arrests of fraudsters.
Europol’s European Cybercrime Centre created the CyTel working group in 2018, uniting more than 70 experts from law enforcement and the global telecommunications industry to share intelligence, knowledge and experience surrounding the issue of telecom fraud.
Average citizens, for their part, need to be more aware of their vulnerabilities online, says Craig Gibson, Principal Threat Defence Architect at Trend Micro.
“We trust that our phones will work, that we can work from home, that we can be paid through our ATM accounts, and that we can shop online. We tend not to think about what is under the covers of the unseen global network we rely on so much, despite the fact that telecom carriers and their networks are the underpinning of modern society,” he said in the report.