In November 2017, I presented on the risks of Missing Trader VAT Fraud (MTIC), at the excellent AFRAGS 2017, the Araxxe Seminar in Lyon. During the event, whilst I was listening to a case study and discussion on Interconnect Fraud Detection, I heard something a couple of things about bypass which sent shivers down my spine. I can’t give you an exact quote, but the first was along the lines of:
Over the last 2 years, I’ve been aware of periodic complaints from customers on different mobile networks who claim their calls have been recorded. The customers report that during the call they notice they aren’t hearing live audio from the other party, but a recording, replaying audio content from earlier in the conversation. I have experienced it myself and remember thinking the other party was repeating himself but then realising I was hearing exactly what he had said previously, and in fact the call content was being replayed.
I thought Telcos could benefit from my interview with a SIMboxer, or, more precisely, a former SIMboxer. I’ve been aware of SIMboxing since 2002, and was involved in legal proceedings with one major SIMbox enterprise from 2003 to 2013, when their final appeal was thrown out by the European Court of Justice. I’ve been learning about SIMboxing all that time, so why would I want to talk to a former SIMboxer? Well, first, nobody knows everything. Second, much of the Telco ‘knowledge’ is second-hand or inferred – are you sure what you ‘know’ is accurate? One option is to verify your data at source, so I talked with ‘Dan’, the SIMbox man.
Did you see press coverage of the Ericsson bribery and corruption allegations in November 2016? Perhaps you were shocked. Maybe you felt disappointed that another industry icon had failed to live up to its image. I hadn’t really been aware of the allegations previously and I was surprised that Ericsson had screwed up so badly. I was sufficiently curious to research the history of events that led up to the damaging headlines, to see what lessons can be learned. Here is what I found…
For some time I have been highlighting the failure of UK authorities to deal with the proceeds of telecoms crime. TelCos agree that crime would be reduced if payment didn’t reach the fraudsters, but they don’t have a consistent and effective means of stopping those payments. POCA (Proceeds of Crime Act 2002) creates powers to seize funds via both civil and criminal courts but UK authorities have failed to make any visible effort to use it.
Here’s a quick recap for new readers. Global telecoms crime is worth USD 38 billion. Money is being laundered and terrorists are being financed. Despite their hard work, the TelCos haven’t been unable to make a significant impact and international frauds continue unchecked. The TelCos agree that crime would be reduced if payment didn’t reach the fraudsters – but, after years of discussion, still can’t agree how to block those payments.
Delegates at the recent 85th Interpol General Assembly in Bali have elected China’s Meng Hongwei as their new President. Mr Meng, who describes himself as a veteran policeman, will take up his duties immediately. He said he stands ready to do everything he can towards the cause of policing in the world. I noticed he mentioned ‘telecoms fraud’ in his address:
“We currently face some of most serious global public security challenges since World War Two. Terrorism is spreading; Cybercrime is arising; telecoms fraud is escalating; all kinds of traditional and non-traditional transnational crimes are rising.”
Over the past few days, you may have seen some interesting news reports describing a shift from the current telecoms models. According to Reuters, Vimpelcom is re-inventing itself and moving away from selling voice calls and data to offer a single, app-based platform where users can communicate for free. Great for consumers but where do you make a profit? And if you’re changing the operating model, what happens to the fraud risk?
International Fraud Awareness Week is promoted by the Association of Certified Fraud Examiners (ACFE) and runs from November 13-19.
One of my contributions is to share this brilliant 90-second video made by the UK Credit Industry Fraud Avoidance Scheme (CIFAS). It was made with real customers in real time and the message is clear – don’t make it easy for fraudsters. Help reduce the risk of Identity Theft by sending this link to everyone who needs to see this message.
How much will you lose in a big telecoms fraud? You may reasonably point out that ‘big’ is relative to the size of the company but for the sake of discussion, let’s say the question relates to the whole industry. So, how big is ‘big’? I’m thinking in round numbers here, but I’d say $1m is big, but not exceptional. $10m is big and $100m is exceptional, almost unique. So do you think you have a billion dollar risk from telecoms fraud?