Whether in the form of a subscriber attempting to defraud the telephone company, the telephone company attempting to defraud a subscriber, or a third party attempting to defraud either of them, fraud has been a part of the telephone system almost from the beginning.
A carrier's profit is significantly impacted by billing fraud.
Communications Fraud
Communications fraud is the use of telecommunications products or services without intention to pay. Many operators have increased measures to minimize fraud and reduce their losses. Communications operators tend to keep their actual loss figures and plans for corrective measures confidential. (CFCA, "CFCA's 2011 Worldwide Telecom Fraud Survey", http://cfca.org/pdf/survey/Global%20Fraud_Loss_Survey2011.pdf, retrieved 5 December 2011.)
According to the survey, the 2011 top 5 fraud loss categories reported by operators were:
- $4.96 Billion (USD) – Compromised PBX/Voicemail Systems
- $4.32 Billion (USD) – Subscription/Identity Theft
- $3.84 Billion (USD) – International Revenue Share Fraud
- $2.88 Billion (USD) – By-Pass Fraud
- $2.40 Billion (USD) – Credit Card Fraud
Types of frauds
Fraud against users
Frauds against users by phone companies
- Cramming is the addition of charges to a subscriber's telephone bill for services which were neither ordered nor desired by the client, or for fees for calls or services that were not properly disclosed to the consumer. These charges are often assessed by dishonest third-party suppliers of data and communication services, whose charges phone companies are required by law to allow on the bill.
- Slamming is any fraudulent, unauthorized change to the default local or long-distance carrier or DSL internet service selection for a subscriber's line, most often made by dishonest vendors seeking to steal business from competing service providers.
Fraud against customers by third parties
- PBX dial through can be used fraudulently by placing a call to a business then requesting to be transferred to "9-0" or some other outside toll number. (9 is normally an outside line and 0 then connects to the utility's operator.) The call appears to originate from the business (instead of the original fraudulent caller) and appears on the company's phone bill. Trickery (such as impersonation of installer and telco personnel "testing the system") or bribery and collusion with dishonest employees inside the firm may be used to gain access.
- Autodialers may be used for a number of dishonest purposes, including telemarketing fraud or war dialing. War dialers take their name from a scene in the early-1980s movie WarGames in which a 'cracker' programs a home computer to dial every number in an exchange, searching for lines with auto-answer data modems. Sequential dialing is easy to detect; pseudo-random dialing is not. One more recent variant involves claiming to be a customer-owned coin-operated telephone (COCOT) vendor, connecting an autodialer to what should have been a payphone line, dialing an assorted series of toll-free "wrong numbers" (such as +1-800 in the US, which effectively reverses the charges) and then demanding that the called parties reimburse the fraudulent COCOT provider for the cost of "calls received from a payphone".
- Autodialers are also used to make many short-duration calls, mainly to mobiles, leaving a missed call number which is either premium rate or contains advertising messages. This is known as Wangiri, from Japan, where it originated.
- Dialer programs containing malware or malicious code have been used to cause personal computers to disconnect from an existing legitimate local provider and instead dial into a premium (usually overseas) number. The first of these used a Moldovan phone number.
- Pre-pay telephone cards or "calling cards" are also very vulnerable to fraudulent use; these cards contain a number or passcode which can be dialed in order to bill worldwide toll calls to the card. Anyone who obtains the passcode can dishonestly misuse it to make or to resell toll calls.
- 809 scams take their name from the former +1 (809) area code which used to cover most of the Caribbean nations (it has since been split into multiple new area codes, adding to the confusion). The numbers *look* like Canadian or US telephone numbers but turn out to be costly, overpriced international calls. Entire Caribbean phone exchanges (such as +1-876-HOT-... numbers in Jamaica, plus numbers in Antigua, Montserrat and a number of other Caribbean or overseas countries) are used to bypass consumer protection laws which govern premium numbers and phone sex operations such as +1-900 or 976 services in the victim's home country. Other variants on this scheme involve leaving messages on pagers or making bogus claims of being a relative in a family emergency to trick users into calling the foreign numbers, then attempting to keep the victim on the line as long as possible in order to incur the cost of an expensive foreign call.
- Carrier access codes were widely misused by phone sex scammers in the early days of competitive long distance; the phone-sex operations would misrepresent themselves as alternate long-distance carriers to evade consumer protection measures which prevent US phone subscribers from losing local or long-distance service due to calls to +1-900 or 976 premium numbers. This practice has largely been replaced by the misuse of numbers in former +1-809 countries or other overseas numbers as cash-strapped governments in many poorer nations are willing to condone the practice.
- Telemarketing fraud takes a number of forms; much like mail fraud, solicitations for the sale of goods or investments which are never delivered or worthless and requests for donations to unregistered charities are not uncommon. Callers often prey upon sick and elderly persons; scams in which a caller attempts to obtain banking or credit card information also frequently occur. One other variant involves calling a number of business offices, asking for model numbers of various pieces of office equipment in use (such as photocopiers) and sending unsolicited shipments of supplies for the machines then billing the victims at artificially inflated prices.
- Verizon, at the customer's request, will put a Cramming Block on the customer's account that prevents third parties from adding charges.
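The autodialer patterns in the list above (sequential war dialing, pseudo-random dialing inside one exchange, and Wangiri missed calls) leave different traces in call detail records. The following Python detector is an added example, not part of the original article; the record layout, the thresholds, the function names and every phone number in it are constructed assumptions.

```python
from collections import defaultdict

def classify_callers(cdrs, min_targets=20, short_secs=5):
    """Label each caller from (caller, dialed, seconds) records, in call order.
    Thresholds are illustrative assumptions, not values from any carrier."""
    calls_by_caller = defaultdict(list)
    for caller, dialed, secs in cdrs:
        calls_by_caller[caller].append((dialed, secs))
    verdicts = {}
    for caller, calls in calls_by_caller.items():
        numbers = [dialed for dialed, _ in calls]
        distinct = set(numbers)
        if len(distinct) < min_targets:  # ordinary subscribers call few numbers
            verdicts[caller] = "normal"
            continue
        # Sequential dialing: each dialed number is the previous one plus 1.
        steps = sum(int(b) - int(a) == 1 for a, b in zip(numbers, numbers[1:]))
        # Order-independent signal: distinct targets that share one exchange
        # (everything except the last four digits of the number).
        per_exchange = defaultdict(set)
        for dialed in distinct:
            per_exchange[dialed[:-4]].add(dialed)
        densest = max(len(targets) for targets in per_exchange.values())
        short_ratio = sum(secs <= short_secs for _, secs in calls) / len(calls)
        if steps >= 0.8 * (len(numbers) - 1):
            verdicts[caller] = "sequential sweep"
        elif densest >= 0.8 * len(distinct):
            verdicts[caller] = "non-sequential sweep"
        elif short_ratio >= 0.9:
            verdicts[caller] = "wangiri-like"
        else:
            verdicts[caller] = "high volume"
    return verdicts

def sample_cdrs():
    """Constructed records; every caller and number is made up for this example."""
    cdrs = [("A", f"+1303555{n:04d}", 4) for n in range(100, 140)]             # in order
    cdrs += [("B", f"+1303555{n * 7919 % 10000:04d}", 4) for n in range(40)]   # scattered
    cdrs += [("C", f"+447700{n * 7919 % 1000000:06d}", 1) for n in range(30)]  # missed calls
    cdrs += [("D", f"+1212555{n % 3:04d}", 180) for n in range(25)]            # 3 contacts
    return cdrs

if __name__ == "__main__":
    for caller, verdict in sorted(classify_callers(sample_cdrs()).items()):
        print(caller, verdict)
```

Caller B never dials two adjacent numbers in a row, so the consecutive-number check sees nothing; it is caught only because its targets are concentrated in a single exchange, a signal that weakens once the dialing is spread across many exchanges.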
Fraud by phone companies against one another
- Interconnect fraud involves the falsification of records by telephone carriers in order to deliberately miscalculate the money owed by one telephone network to another. This affects calls originating on one network but carried by another at some point between source and destination.
- Refiling is a form of interconnect fraud in which one carrier tampers with CID (caller-ID) or ANI data to falsify the number from which a call originated before handing the call off to a competitor. Refiling and interconnect fraud briefly made headlines in the aftermath of the WorldCom financial troubles; the refiling scheme is based on a quirk in the system by which telcos bill each other: two calls to the same place may incur different costs because of differing displayed origin. A common method of calculating payments between telcos uses the percentage of the total distance over which each telco has carried a call to determine the division of toll revenues for that call; refiling distorts the data required to make these calculations.
Fraud against the phone company by users
- Subscription fraud: for example, signing up with a bogus name, or with no intention to pay.
Frauds against the phone company by third parties
- Phreaking involves obtaining knowledge of how the telephone network operates, which can be used (but isn't always) to place unauthorised calls. The history of phone phreaking shows that many 'phreaks' used their vast knowledge of the network to help telephone companies. There are, however, many phreaks that use their knowledge to exploit the network for personal gain, even today. In some cases social engineering has been used to trick telco employees into releasing technical information. Early examples of phreaking involved generation of various control tones, such as a 2600 hertz blue box tone to release a long-distance trunk for immediate re-use or the red box tones which simulate coins being inserted into a payphone. These exploits no longer work in many areas of the telephone network due to widespread use of digital switching systems and out-of-band signaling. There are, however, many areas of the world where these control tones are still used and this kind of fraud is still continuing to happen.
- A more high-tech version of the above is switch reprogramming, where unauthorized "back door" access to the phone company's network or billing system is used to allow free telephony. This is then sometimes resold by the 'crackers' to other customers.
- Payphones have also been misused to receive fraudulent collect calls; most carriers have turned off the feature of accepting incoming calls or have muted the payphone's internal ringing mechanism for this very reason.
- Cloning has been used as a means of copying both the electronic serial number and the telephone number of another subscriber's phone to a second (cloned) phone. Airtime charges for outbound calls are then mis-billed to the victim's cellular phone account instead of the perpetrator's. Cordless phones are often even less secure than cell phones, though there are a number of security issues currently affecting cellular phones. There are a number of other privacy concerns with mobile and cordless phones; a scanner radio may intercept analogue conversations in progress.