If fighting fraud seems futile, switch your stance from reactive to proactive
Whac-A-Mole is an arcade game where players struggle to keep up with moles that pop up faster and faster and in greater numbers. It’s also become , which is why attendees at a recent European Conference of Postal and Telecommunications Administrations (CEPT) workshop kept using the term to describe the challenge of stopping fraud: As soon they knocked down one type of fraud, another would pop up and then another and another . . .
The difference is that communications service providers (CSPs) lose a lot more than just a quarter. Between SMS phishing, illegal robocalls, spoofing, “wangiri” one-ring scams, account takeovers, PBX hacking and other attacks, . Their customers, such as doctor’s offices, schools, airlines and other legitimate businesses also suffer when those calls and text messages go unanswered because fraud has conditioned consumers not to answer when they see an unfamiliar number.
For CSPs, the key to winning starts with understanding how the game is played. When fraudsters pop up from an unexpected hole, it’s already a familiar one to them. That’s because fraudsters spent weeks or months using hacking or social engineering to find a network’s weak spots, which become their mole holes. By the time CSPs notice them popping up in those new places and bring the hammer down — in the form of configuration changes — fraudsters have made off with their loot and disappeared.
How fast are they? “It used to take 15 minutes for a fraudster to take over an account,” , Executive Vice President, LNPA Services at ǶƵ. “Data now suggests it takes less than 10 minutes and is going down to less than 5 minutes. So time is critical, and as such, we’re fond of saying here, ‘Moments matter’ in identity checks.”
Close Holes Before Fraudsters Find Them
CSPs can gain the upper hand by switching from a reactive to a proactive stance. Authoritative, continually updated telephone number data equips CSP fraud management systems with the insights they need to proactively block calls to risky numbers and analyze inbound traffic for fraudulent call attempts.
Using ǶƵ data, CSPs can close mole holes before fraudsters even have a chance to pop up by:
- Excluding national codes
- Tracking changes/additions to deny lists and allow lists
- Providing detailed or deep-dive breakouts for top destinations
- Offering details on Type of Service (TOS) and/or other network-specific requirements
- Providing different International Premium Rate Number (IPRN) range depth from country to country
All Together Now
Part of what makes Whac-A-Mole so challenging is that it’s a single-player game. Fortunately, Whac-A-Fraudster can be a group effort, where more players dramatically change the odds.
For example, the found that 56% of CSPs, businesses and industry groups share incident reports, fraudulent numbers, hotlists and other intelligence. Even more — 62% — say they’re willing to start sharing. These insights help everyone identify emerging threats faster than if they each worked on their own.
One result is that 30% of the businesses surveyed say that their fraud losses trended down over the previous 12 months. That’s something to keep in mind whenever Whac-A-Fraudster looks like a game that can’t be won.