Author: Tom Wilson
Bypass fraud along with IRSF has proven they are highly costly types of network fraud in the modern telecommunications environment. The menace of telecom fraud has made the telecom operators and the regulators face staggering annual revenues losses numbering in the multiple billions in US Dollars.
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Network Fraud - Bypass/Premium Rate Number - IRS
1.
TERALIGHT
NETWORK
FRAUD
–
BYPASS/PREMIUM
RATE
NUMBER
–
IRS
Author:
Tom
Wilson
2.
1
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
Contents
Executive
Summary
..............................................................................................................................................................................
Introduction
.......................................................................................................................................................................................
2
Bypass
...........................................................................................................................................................................................
2
IRSF
...............................................................................................................................................................................................
2
Who
is
affected?
................................................................................................................................................................................
5
How
bypass
fraud
works?
..................................................................................................................................................................
5
Legal
Call
Termination
...................................................................................................................................................................
5
Illegal
Call
Termination
.................................................................................................................................................................
5
On-‐Net
Fraud
...........................................................................................................................................................................
6
Off-‐Net
Fraud
...........................................................................................................................................................................
6
IRSF
-‐
Premium
Number
Fraud
.................................................................................................................................................
6
Fraud
Prevention
...............................................................................................................................................................................
7
Bypass
Route
Detection
................................................................................................................................................................
7
SIM
Box
Detection
using
Fraud
Management
Systems
................................................................................................................
7
IRSF
-‐
Premium
Number
Fraud
Prevention
...................................................................................................................................
9
Conclusion
..........................................................................................................................................................................................
9
Executive Summary
Bypass
fraud
along
with
IRSF
has
proven
they
are
highly
costly
types
of
network
fraud
in
the
modern
telecommunications
environment.
The
menace
of
telecom
fraud
has
made
the
telecom
operators
and
the
regulators
face
staggering
annual
revenues
losses
numbering
in
the
multiple
billions
in
US
Dollars.
Bypass
fraud
is
more
predominant
in
countries
where
the
cost
of
terminating
international
call
is
much
higher
than
the
cost
of
a
national
call
by
a
substantial
margin
or
the
countries
where
government
carriers
monopolize
international
gateways.
These
fraud
committers
(fraudsters),
who
can
be
both
individuals
and
organizations,
through
the
use
of
various
bypass
contrivances,
sell
capacity
to
terminate
calls
cheaply
in
these
countries,
either
on
the
open
market
or
via
direct
connections
with
interconnect
operators.
Operators
sending
outbound
international
traffic
are
then
attracted
by
these
interconnect
operators
with
lower
interconnect
rates,
usually
with
lower
quality
and
no
delivery
of
CLI.
This
leads
to
loss
of
revenue
for
terminating
network
operators
as
well
as
causing
potential
social
harm
to
society.
Premium
rate
services
have
been
hit
with
IRSF
(international
Revenue
Share
Fraud)
that
exploits
the
interconnection
of
premium
rate
services.
The
major
way
to
commit
IRSF
is
by
significantly
increasing
the
number
of
calls
to
a
premium
number
in
a
variety
of
ways
to
increase
the
revenue.
These
are
two
types
of
international
fraud
which
account
for
a
major
portion
of
operator’s
network
fraud
losses.
The
purpose
of
this
paper
is
to
discuss
comprehensive
and
best
in
class
solutions
to
combat
bypass
fraud
and
premium
number
hijacking.
3.
2
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
Introduction
This
paper
discusses
two
distinctly
different
types
of
telecom
network
fraud.
One
is
commonly
called
international
network
bypass
fraud
(bypass)
and
the
other
is
called
international
revenue
sharing
fraud
(IRSF).
Both
are
considered
to
be
costing
operators
and
governments
billions
USD
in
losses.
Bypass
Bypass
fraud
is
also
known
as
“Grey
routing”,
‘SIM
Boxing’
and
‘Leaky
PABX’,
is
a
widespread
and
problematic
telecom
risk.
Bypass
Fraud
is
prevalent
in
countries
where
there
is
a
big
difference
between
the
national
retail
calling
rates/national
interconnect
rates
and
international
terminating
rates.
This
is
set
either
by
the
regulator
in
the
country
or
by
individual
(or
group
of)
operators
(unregulated).
It
is
also
popular
in
countries
where
government
operators
monopolize
international
gateways.
The
difference
in
rates
ensures
there
are
enough
profit
margins
for
bypass
service
providers
to
construct
their
networks
and
even
handle
certain
amounts
of
losses
due
to
discovery
of
their
routes
and
business
practices
to
elude
detection.
Countries
where
the
international
to
national
terminating
charge
margins
are
low,
nil
or
negative,
the
Bypass
fraud
either
doesn’t
exist
or
is
conducted
on
a
low
scale,
or
is
considered
insider
billing
fraud.
According
to
surveys
of
CFCA,
ACFE
and
ETNO
the
potential
commercial
loss
due
to
fraud
in
telecommunication
networks
equates
to
0.5%
to
5%
of
operator’s
revenue.
Additionally,
bypass
fraud
consumes
a
substantial
amount
of
signaling
and
voice
bandwidth
as
well
as
the
resources
of
individual
network
elements
(i.e.
STPs,
switches,
databases).
In
order
to
properly
identify
By-‐Pass
Fraud
one
needs
to
understand
the
issues
around
this
fraud.
IRSF
Premium-‐rate
numbers
provide
certain
services
for
prices
higher
than
normal
calls.
Unlike
a
normal
call,
a
part
of
the
call
charge
is
paid
to
the
service
provider,
enabling
businesses
to
be
funded
via
them.
While
the
billing
is
different,
calls
are
usually
routed
the
same
way
they
are
for
a
toll-‐free
telephone
number.
These
telephone
numbers
are
usually
allocated
from
a
national
telephone
numbering
plan
in
a
way
that
they
are
distinguishable
from
other
numbers.
In
many
cases
of
premium
rate
calls,
the
transmission
of
the
call
goes
through
multiple
operator
networks.
Most
involve
the
use
of
GSM
SIM
cards,
being
taken
across
international
borders
to
originate
calls
on
effected
originator
networks,
utilizing
the
roaming
capability
of
the
SIM
cards.
IRSF
fraud
is
very
difficult
to
nail
down,
given
the
multiple
operators
involved,
the
complexity
of
networks
and
BSS
systems
involved
and
the
lack
of
total
end-‐to-‐end
cooperation
of
all
stakeholders
to
assist
in
elimination
of
these
types
of
fraud.
Origination
operator
networks
are
left
hanging
with
the
invoice
for
these
high
cost
calls,
either
on
a
premium-‐rate
number
call
or
on
a
call
to
a
high
cost
per
minute
destination
country.
4.
3
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
IRSF
has
many
different
types
of
perpetrators.
Normal
callers
can
also
become
unwitting
contributors
to
IRSF,
where
they
want
specific
content
that
is
derived
from
premium
rate
number
content
providers.
However
in
some
cases,
the
content
provider
is
the
same
party
(individual
or
group
of
individuals
or
company
in
some
cases)
as
the
fraudsters
forcing
high
volumes
of
calls
to
those
illicit
content
premium
number
services.
Premium-‐rate
numbers
have
also
been
used
to
defraud
unsuspecting
users.
One
scheme
involves
inducing
users
to
download
a
program
known
as
a
dialer.
This
surreptitiously
dials
a
premium-‐rate
number,
accumulating
charges
on
the
user's
phone
bill
without
their
knowledge.
Another
premium-‐rate
scam
involves
television
programming.
This
induces
young
children
to
dial
the
number,
banking
on
the
notion
that
they
will
be
unaware
of
the
incurred
charges.
In
other
cases,
newer
version
of
smart
phones
have
the
capacity
to
make
six
calls
to
each
conference
call
they
make
and
thus
six
calls
at
a
time
increasing
call
volumes
quickly.
This
is
done
to
elude
blockage
induced
by
some
of
the
telecoms
software
fraud
detection
systems,
which
can
detect
high
volume
suspicious
call
traffic
patterns
to
premium
rate
numbers
and
or
long
call
duration
(usually
up
to
59.9
minutes)
to
the
same
type
of
numbers.
Briefly
summarizing
IRSF
-‐
Premium
Rate
Service
fraud;
this
type
of
fraud
occurs
when
a
person,
group
of
persons,
or
a
company
or
group
of
companies
scheme
with
either
the
content
provider
or
the
international
network
providing
the
content
to
find
different
measures
to
falsely
increase
the
total
number
of
calls
significantly
and
or
enacting
methods
to
increase
falsely
generate
longer
call/billing
time
to
increase
the
revenue
generated
by
the
use
of
the
premium
rate
number.
The
various
parties
to
the
call
share
this
revenue;
if
a
part
of
IRSF,
some
of
the
parties
are
traditional
network
operators
transmitting
the
calls
and
some
parties
who
are
a
part
of
the
fraud
itself.
The
premium
rate
numbers
are
easy
to
obtain,
and
very
blatantly,
these
companies
and
the
content
generators
advertise
publicly
for
persons
to
find
ways
to
earn
money
by
generation
of
call
traffic
to
these
premium
rate
numbers.
Again,
IRSF
can
be
either
via
the
use
of
Premium
Rate
Numbers
or
simply
high
rate
termination
country
termination
numbers.
5.
4
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
Pirated
Mobile
GSM
SIM
chips
in
a
Roaming
Scenario
generating
IRSF
“Fraud”
The
content
provider
or
the
final
network
providing
the
internalonal
premium
number
service
may
be
in
cahoots
with
the
fraudsters
to
generate
higher
volumes
of
calls
to
the
premium
number
or
make
amempts
to
lengthen
calls
to
generate
higher
call
revenues.
*
the
call
costs
and
rates
are
merely
examples
for
purpose
of
this
illustralon
The
Premium
Number
owner
passes
through
the
revenue
to
the
Internalonal
Revenue
Share
Number
provider
which
is
usually
(not
always)
the
same
enlty
as
the
content
porovider.
The
revenue
of
$1.46
being
passed
through
to
the
IRSN
If
the
final
network
which
owns
or
leases
the
Premium
number
from
an
Number
range
owner,
does
not
own
the
content,
they
will
keep
example
of
$1.00
and
pay
to
content
holder
$.46.
The
Internalonal
Revenue
Share
Number
Network
will
terminate
the
call
to
the
premium
number
called.
Operator
C
tansits
the
call.
Receives
the
call
from
Operator
B
Operator
C
collects
$1.71
from
Operator
B
and
will
keep
$.25.
Operator
C
sends
the
call
to
an
enlty
"owning
the
Premium
Number
Range".
Operator
C
pays
the
PNRO
pass
thorugh
$1.46.
Operator
B
transits
the
call.
Receives
the
call
from
Operator
A
Operator
B
collects
$1.91
from
Operator
A
and
will
keep
$.20.
Operator
B
sends
the
call
to
Operator
C
and
pays
Operator
C
$1.71.
Operator
A
transits
the
call.
Receives
the
call
from
network
where
call
originates
from.
Operator
A
collects
from
originalng
network
operators
$2.16,
and
will
keep
$.25.
Operator
A
sends
the
call
to
Operator
B
and
pays
the
receiving
operator
$1.91.
Call
is
generated
in
this
visled
country,
where
the
home
of
the
SIM
chip
operator
wil
pay
$2.50
The
network
where
the
call
is
made,
gets
to
retain
$.34.
This
operator,
where
the
call
is
actually
made,
pays
$2.16
to
the
carrier
next
in
line
to
handle
the
call.
Illegal
fraud
generated
usually
by
generalon
of
high
volume
of
calls
to
a
Premium
Rate
Number
vis
a
vis
pirated
GSM
SIM
chips
taken
to
another
country
to
roam
call
traffic
Home
market
for
SIM
chip
SIM
chip(s)
taken
to
another
country
to
roam
originalon
of
call
from.
The
SIM
home
country
operator
is
not
PAID
for
cost
of
Premium
Rate
Number
Call.
Example
$2.50.
6.
5
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
Who is affected?
Bypass
fraud
or
grey
telephony
is
a
serious
issue
for:
Telecom
Operators
-‐
Telecom
Regulators
–
Subscribers
Bypass
fraud
can
have
the
following
adverse
effects:
*
Revenue
loss
to
government
treasuries.
Especially
in
emerging
markets,
where
the
state
entity
has
equity
in
the
operators.
Regulators,
both
national
and
regional
such
as
Berec,
PTA,
STRA,
JTRC
and
others
have
taken
a
real
serious
look
at
these
types
of
network
fraud.
*
Bypass
fraud
disturbs
planned
and
predicted
revenue
streams
of
telecom
operators
who
have
invested
millions
of
dollars.
The
investment
may
be
in
form
of
license
fees,
deployment
of
infrastructure
and
other
government
charges.
*
Foreign
investment
in
telecom
sector
is
reduced
as
a
result
of
lack
of
investor
confidence
in
the
market,
especially
in
developing
countries
where
a
large
portion
of
the
national
GDP
is
from
telecoms.
*
Social
anxiety
where
people
do
not
wish
to
answer
non
CLI
(generally
indicative
of
a
grey
route
being
used
to
terminate
the
call)
low
quality
network
calls,
due
to
passage
over
very
low
quality,
highly
compressed
and
congested
IP
routes
with
no
network
management
whatsoever.
*
Social
safety
where
people
may
only
answer
those
calls
where
the
called
party
receives
CLI
and
is
able
to
identify
the
calling
party.
It
has
happened,
where
a
non
CLI
call
is
ignored,
due
to
general
knowledge
of
low
quality
calls
and
the
called
party
is
unsuspecting
of
the
nature
of
the
call,
where
it
may
be
a
family
emergency
but
they
don’t
know
it,
for
the
CLI
is
not
passed
on
most
bypass
routes.
How bypass fraud works?
Bypass
fraud
has
different
forms
–
international
vs.
national,
incoming
vs.
outgoing,
border
bypass
etc.
–
but
the
idea
is
simple:
bypassing
interconnect
points
via
cheaper
routes
such
as
the
Internet.
Legal Call Termination
Call
termination,
also
known
as
voice
termination,
refers
to
the
routing
of
telephone
calls
from
one
Telephone
Company
to
another.
The
terminating
point
is
the
called
party
or
end
point.
The
originating
point
is
the
calling
party
who
initiates
the
call.
This
term
often
applies
to
calls
while
using
voice
over
Internet
protocol
(VoIP):
a
call
initiated
as
a
VoIP
call
is
terminated
using
the
public
switched
telephone
network
(PSTN).
In
such
cases,
termination
services
may
be
sold
as
a
separate
commodity.
The
opposite
of
call
termination
is
call
origination,
in
which
a
call
initiated
from
the
PSTN
is
terminated
using
VoIP.
Thus,
in
"origination"
a
call
originates
from
PSTN
and
goes
to
VoIP,
while
in
"termination"
a
call
originates
in
VoIP
and
terminates
to
the
PSTN.
Illegal Call Termination
Illegal
call
termination
utilizes
least
cost
call
termination
techniques
such
as
GSM
Gateway
SIM
Boxes
to
bypass
the
legal
call
interconnection.
This
diverts
international
incoming
calls
to
either
on-‐network
or
off-‐network
GSM/CDMA/Fixed
calls
through
the
use
of
VoIP
or
Satellite
gateway.
Doing
this
evades
revenue
for
international
call
termination
which
operators
and
government
regulators
are
entitled
to.
7.
6
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
On-‐Net Fraud
For
an
operator,
if
the
person
committing
fraud
uses
their
own
network’s
connections
to
terminate
the
bypassed
calls,
it
is
identified
as
On-‐Net
Bypass
Fraud.
On-‐net
calls
are
expected
to
provide
the
least
national
calling
rates.
Lot
of
modern
Bypass
equipment
(GSM
Gateway
SIM
Boxes,
computer
programs
etc.)
scan
the
terminating
party
numbers
and
re-‐originate
calls
only
from
those
connections
which
belong
to
the
same
operator’s
network
as
the
terminating
party.
For
On-‐Network
terminating
calls
(connections
used
for
Bypass
Fraud
belong
to
the
home
operator),
the
revenue
loss
per
call
is
directly
related
to
the
difference
between
the
international
interconnect
termination
price
and
the
retail
price
of
on-‐network
call.
Off-‐Net Fraud
If
the
fraud
committer
uses
competitor’s
connections
or
any
other
means
for
termination,
it
is
identified
as
Off-‐Net
Bypass
Fraud.
In
regions,
where
the
off-‐network
call
rates
are
equal
to
the
on-‐network
calls,
national
calls
may
be
originated
from
off-‐network
number
to
conduct
the
Bypass
fraud
which
means
that
numbers
can
be
from
other
networks
as
well.
For
Off-‐Network
terminating
calls
(connections
used
for
Bypass
Fraud
belong
to
competitor),
the
revenue
loss
per
call
is
directly
related
to
the
difference
between
the
international
interconnect
termination
price
and
the
local
interconnect
termination
price
of
off-‐network
calls.
IRSF -‐ Premium Number Fraud
Premium
rate
services
have
attracted
multiple
types
of
fraud
that
exploit
the
interconnection
of
premium
rate
services.
The
basic
scheme
is
that
the
fraud
committer
contracts
with
a
terminating
operator
to
provide
a
premium
rate
service
and
then
separately
subscribes
for
several
lines
with
an
originating
operator,
normally
not
the
same
operator
as
the
terminating
operator.
8.
7
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
The
fraud
committer
then
runs
auto
dialers
on
the
subscriber
lines
and
calls
the
premium
rate
numbers
continually
running
up
very
large
invoices,
where
the
fraudster
is
usually
able
to
share
a
part
of
this
fraudulent
revenue.
This
is
just
one
example
of
how
the
fraud
is
generated.
There
are
many
ways
to
falsely
generate
high
volumes
of
calls
from
one
country
to
another
to
the
Premium
Rate
Numbers,
which
are
commonly;
magnets
for
this
type
of
fraud.
Fraudsters
generate
calls
by
new
technology,
by
paying
people
to
make
calls
upon
calls
to
these
termination
numbers,
which
sometimes
simply
go
to
an
answering
machine,
or
a
constantly
cycled
message
recorder.
The
fraudsters
attempt
anyway
to
generate
the
highest
number
of
calls
and
longest
calls
possible
to
create
as
high
of
a
billing
charge
to
the
originating
operator
network
the
calls
first
arrive
on.
Another
variant
uses
the
computers
of
existing
subscribers
as
the
callers.
The
fraud
committer
contracts
for
a
premium
rate
service
and
then
distributes
viruses
or
other
types
of
programs
through
email
or
web
sites
that
become
resident
in
the
computers
of
legitimate
subscribers.
If
the
subscribers
have
a
modem
connected
to
their
computer
for
Internet
access,
the
programs
control
the
modem
to
dial
the
premium
rate
numbers.
Some
programs
work
during
or
immediately
after
an
Internet
dial-‐up
access
session.
Fraud Prevention
Bypass Route Detection
Bypass
route
detection
can
be
performed
via
multiple
methods.
One
measure
that
is
definitive
in
nature
providing
real
evidence
with
regard
to
Bypass
Fraud
is
the
use
of
non-‐passive
forced
network
call
generation.
In
this
method
third
party
service
providers
generate
traffic
to
operator
networks
from
remote
points
and
then
analyze
the
traffic
actually
received
(non
published
non
active
call
to
numbers,
mobile
or
fixed)
to
identify
instances
where
what
should
be
showing
as
inbound
international
traffic
as
actually
showing
as
on-‐net
traffic
or
traffic
from
another
local
network.
These
systems
can
be
very
different
vendor
by
vendor.
The
software
developed
to
operate
these
systems
needs
to
be
flexible,
user
definable
and
automated
with
regard
to
“detecting”
where
bypass
fraud
may
be
most
relevant
via
origination
market.
This
in
itself,
creates
the
ability
to
self
manage
call
origination,
which
provides
the
quickest
route
to
bypass
number
detection.
In
many
cases,
operators
can
create
an
environment
that
integrates
such
systems
together,
via
API
software
instruction
sets
which
automatically
or
via
a
manual
selected
method,
validates
the
numbers
detected
and
then
“shuts
down”
or
suspends
detected
numbers.
Reporting
is
very
important
to
operators;
where
they
are
looking
to
reduce
international
revenue
losses
by
the
minute
with
near
real
time
notification
systems
and
other
very
progressive
call
management
and
monitoring
capabilities.
SIM Box Detection using Fraud Management Systems
Another
method
to
detect
harmful
inbound
international
bypass
traffic
to
revenues
is
through
passive
software
trending
and
analysis
systems,
generally
referred
to
as
fraud
management
systems
(FMS).
These
systems
work
by
collecting
the
total
CDR
activity
of
the
operator
and
applying
analytics
against
the
CDR
data
(generally
collected
via
a
middle
ware
software
feature)
that
produce
unwarranted
call
traffic
patterns
of
multiple
types.
9.
8
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
Operators
make
use
of
their
fraud
management
systems
(‘FMS’)
to
identify
suspect
devices
on
the
network.
Examples
of
some
of
the
markers
monitored
include:
! Unusual
traffic
flows
and
volumes
! Mobile
Origination
to
Mobile
Termination
ratio
! Unusual
called
number
spreads
! A-‐typical
traffic
peaks
for
on-‐net
traffic
! Many
SIM
card
identities
(IMSIs)
to
a
single
equipment
identity
(IMEI)
! Use
of
only
one
cell
site
! An
absence
of
SMS,
data
or
roaming
service
use
Non-‐passive
systems
are
intelligent
and
become
more
effective
over
time,
for
trends
are
detected
and
all
stakeholders
involved
in
the
detection
process
gain
better
understanding
of
where
call
traffic
originates
and
terminates
that
has
a
higher
probability
of
bypass
routes
being
used.
In
addition,
other
types
of
fraud
can
be
detected,
such
as
false
answer
supervision;
where
billing
mechanisms
are
used
to
alter
answer
supervision
traits
of
calls,
such
as
true
call
origination
times
versus
billing
start
times,
as
well
as
the
true
call
termination
times
versus
call
cutoff/termination
times.
Hybrid
analysis
is
effective,
where
both
passive,
non-‐passive
(active)
and
other
fraud
management
systems
collaborate
to
merge
their
alerts
in
order
to
more
efficiently
detect
instances
of
bypass
fraud.
10.
9
|
P a g e
w w w . t e r a l i g h t . c o m
-‐
T L T
+ 9 7 1 . 5 0 . 4 5 9 . 7 2 1 7
IRSF -‐ Premium Number Fraud Prevention
The
following
steps
can
be
taken
to
prevent
premium
number
fraud.
• Monitor
calls
going
to
suspicious
number
ranges
or
premium
numbers
prefixes
or
high
termination
cost
destinations
• Enlisting
the
services
of
black
listed
number
databases,
which
operators
can
use
to
help
monitor
network
termination
usage
and
help
block
calls
to
suspicious
number
ranges
or
premium
number
ranges
• Call
trending
software
management
systems
which
can
track
calls
and
monitor
the
types
of
numbers
they
connect
to,
limiting
length
of
calls
and
also
velocity
of
calls
to
specific
numbers
designated
by
the
user
defined
systems
• Education
support
to
clients,
customers
and
operators
on
various
security
procedures
related
to
these
types
of
fraud
and
collectively
working
together
operator
to
operator
to
help
reduce
the
money
in
the
system.
If
the
money
is
removed,
the
fraud
will
disappear.
• Reform
Policy
and
Regulation
to
assist
in
setting
progressive
rules
helping
to
create
an
environment
in
which
fosters
more
secure
network
usage.
• Develop
systems
that
share
“billing
data”
as
close
to
real
time
as
possible
in
an
inter-‐operator
ecosystem,
thus
helping
reduce
risk.
• Monitor
calls
to
hot
number
lists
like
o GSMA
Hot
B
Number
list
o CFCA
Hot
B
Number
list
o Commercial
Suppliers
in
this
space
also
have
blacklist
databases
Conclusion
There
are
multiple
dimensions
and
types
of
telecoms
fraud.
In
this
effort,
two
of
these,
being
IRSF
and
Bypass
fraud
are
addressed,
due
to
the
propensity
for
very
high
losses
to
revenue
of
the
operators.
The
operators
are
annually
investing
in
infrastructure
technology,
such
as
LTE,
FTTX
and
other
high
speed
broadband
enablers
and
the
loss
in
above
the
line
revenues
and
profits
effect
investment
capability.
Bypass
fraud
is
an
international,
multi-‐billion
dollar
criminal
environment
and
a
major
threat
to
enterprises,
as
it
can
inflict
monetary
damages
of
hundreds
of
thousands
of
dollars
almost
overnight.
These
frauds
are
among
the
top
5
emerging
threats
to
CSPs
worldwide,
and
cost
the
industry
over
USD
3
billion
per
year
according
to
the
Communications
Fraud
Control
Association
(CFCA
report
2011).
On-‐Net,
Off-‐Net
and
IRSF
-‐
Premium
hijacking
fraud
are
causing
severe
losses
to
telecommunication
network
operators
worldwide.
Advanced
well
thought
out
solutions
need
to
be
implemented
depending
upon
requirements
of
the
network
and
the
type
of
fraud
taking
place.
This
paper
has
discussed
the
repercussions
of
telecom
fraud
as
well
as
several
potential
measures
that
can
be
taken
to
reduce
the
risk
of
revenue
losses.
Most
undoubtedly,
the
best
way
to
truly
attack
this
disease
of
revenue
shifting,
is
for
the
network
operators
to
find
the
means
to
momentarily
put
aside
their
kindred
competitive
spirit
and
work
collectively
together
sharing
data
and
information,
along
with
contributing
to
international
databases
(as
near
real
time
basis
as
possible)
jointly.