Cost of Toll Frauds
Toll fraud attacks happen in a variety of ways. In most instances, attacks take the form of International Revenue Share Fraud (IRSF), an approach where attackers exploit a compromised VoIP server to generate large numbers of calls to high calling rate markets. Attackers make their money often by setting up fraudulent companies, or in conjunction with rogue telecom operators. The 2017 CFCA survey noted that of the $29.2 billion in losses that year, $6.10 billion was due to IRSF attacks.
Other forms of fraud include attacks to high-cost 8xx numbers or SIM box attacks that seek to evade telco interconnects to avoid paying tariffs. In addition to these commonplace attacks, many phone calls are simply spam or fraudulent attempts to get unsuspecting receivers to part with their money through several illicit schemes.
Unfortunately, most enterprise telecom leaders still pay little attention to security. As I noted in
a No Jitter post this past July, 21.3% of the 645 organizations participating in our
Workplace Collaboration: 2019-20 Research Study have a pro-active security strategy. Of those with a strategy, most include audits, penetration testing, and regular patching as key components of their security approach. Only 25% believe that adopting SIP trunking creates an additional security risk.
As entry points into phone systems increase – thanks to the growing use of softphones, mobile clients, APIs, and WebRTC that embed calling into just about any app – so to do the potential vectors for attack. However, a recent Ribbon Communications UC Market Insights study found that 85% of respondents believe that their UC provider should protect them, just 15% believe they’re responsible for protecting themselves against an attack.
Building A Toll Fraud Strategy
As the risk of attacks grows, along with awareness of past successful attacks, so too should enterprise awareness of the need to proactively protect their WC applications, even if using cloud-based services. Fortunately, enterprises have tools that can leverage analytics to understand calling patterns, look for known attack signatures or anomalies that could indicate zero-day attacks, and automate the process of blocking an attack or mitigating the impacts of one that has occurred. Ideally, a solution would enable rapid detection, anticipate an attack with predictive analysis, and automate means of responding to or preventing the attack. With more than 60% of organizations running more than one calling system, a toll fraud prevention platform would ideally enable unified management across a multi-vendor calling environment.
A toll fraud prevention and mitigation strategy starts with recognizing the problem, in this case, the risk to reputation and the costs of a successful toll fraud attack. IT leaders must take a proactive approach to first understand their risks, and second to implement a security strategy that includes regular audits, patching, penetration testing, and the capability to leverage analytics to improve the ability to recognize, contain, and respond to attacks as they occur, or to prevent them from occurring in the first place.