Back to News & Events
article

If fighting fraud seems futile, switch your stance from reactive to proactive

Aug 21, 2024

Whac-A-Mole is an arcade game where players struggle to keep up with moles that pop up faster and faster and in greater numbers. It’s also become shorthand for an exercise in futility, which is why attendees at a recent European Conference of Postal and Telecommunications Administrations (CEPT) workshop kept using the term to describe the challenge of stopping fraud: As soon they knocked down one type of fraud, another would pop up and then another and another . . .

The difference is that communications service providers (CSPs) lose a lot more than just a quarter. Between SMS phishing, illegal robocalls, spoofing, “wangiri” one-ring scams, account takeovers, PBX hacking and other attacks, fraudsters cost the telecommunications industry an estimated $38.95 billion in 2023, a 12% increase over 2021. Their customers, such as doctor’s offices, schools, airlines and other legitimate businesses also suffer when those calls and text messages go unanswered because fraud has conditioned consumers not to answer when they see an unfamiliar number.

For CSPs, the key to winning starts with understanding how the game is played. When fraudsters pop up from an unexpected hole, it’s already a familiar one to them. That’s because fraudsters spent weeks or months using hacking or social engineering to find a network’s weak spots, which become their mole holes. By the time CSPs notice them popping up in those new places and bring the hammer down — in the form of configuration changes — fraudsters have made off with their loot and disappeared. 

How fast are they? “It used to take 15 minutes for a fraudster to take over an account,” says Kathy Timko, Executive Vice President, LNPA Services at iconectiv. “Data now suggests it takes less than 10 minutes and is going down to less than 5 minutes. So time is critical, and as such, we’re fond of saying here, ‘Moments matter’ in identity checks.”

Close Holes Before Fraudsters Find Them

CSPs can gain the upper hand by switching from a reactive to a proactive stance. Authoritative, continually updated telephone number data equips CSP fraud management systems with the insights they need to proactively block calls to risky numbers and analyze inbound traffic for fraudulent call attempts. 

Using iconectiv data, CSPs can close mole holes before fraudsters even have a chance to pop up by: 

  • Excluding national codes
  • Tracking changes/additions to deny lists and allow lists 
  • Providing detailed or deep-dive breakouts for top destinations
  • Offering details on Type of Service (TOS) and/or other network-specific requirements
  • Providing different International Premium Rate Number (IPRN) range depth from country to country

All Together Now

Part of what makes Whac-A-Mole so challenging is that it’s a single-player game. Fortunately, Whac-A-Fraudster can be a group effort, where more players dramatically change the odds.

For example, the Communications Fraud Control Association’s (CFCA) 2023 Global Fraud Loss Survey found that 56% of CSPs, businesses and industry groups share incident reports, fraudulent numbers, hotlists and other intelligence. Even more — 62% — say they’re willing to start sharing. These insights help everyone identify emerging threats faster than if they each worked on their own.

One result is that 30% of the businesses surveyed say that their fraud losses trended down over the previous 12 months. That’s something to keep in mind whenever Whac-A-Fraudster looks like a game that can’t be won.