Академический Документы
Профессиональный Документы
Культура Документы
2
2017 Survey
In which region are you located?
35.0% 34.2%
30.0%
25.0%
20.0%
15.2%
15.0% 12.7%
8.9% 8.9%
10.0% 7.6%
6.3% 6.3%
5.0%
0.0%
Asia South Central North Western Eastern Africa Middle
Pacific and America Europe Europe & East
South Russia
America
Note: Local, Regional, National and International CSPs participated in the survey
3
2017 Survey
How many subscribers does your company have?
Wholesale Only (no
50,000,001 + end user subscribers)
17.39% 4.35%
25,000,001 to
50,000,000
15.22% <10,000
8.70%
1,000,001 to
10,000,000
32.61%
4
2017 Survey
What functions apply to your current role and
responsibilities?
Internal Fraud Investigation 38.8%
Vendor/Consultant 2.0%
Law Enforcement 12.2%
Security/Network 16.3%
Legal/Regulatory 14.3%
Finance/Billing/Revenue Assurance 36.7%
Customer Service 18.4%
Fraud Detection 89.8%
End User 2.0%
Security/Physical 8.2%
Operations 20.4%
Sales/Marketing 8.2%
Fraud Investigation 81.6%
Systems Administrator 10.2%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0%
Compared to 2015, 5% more time is going to detecting fraud and 14% more time is going to
Customer Care, Billing and Revenue Assurance functions.
5
2017 Survey
Where is your fraud department situated?
Security 25.58%
Operations 9.30%
IT 2.33%
Finance 46.51%
Compared to 2015, departments under Finance shrank by >10% (57% in 2015). However,
Customer Care, Operations and Security each grew by approx. 4%. Some Fraud departments
also reported moving to Revenue Assurance, Collections, Business Intelligence.
6
2017 CFCA Survey –
General Fraud Trends
7
2017 Survey
Direct revenue impacts to CSPs is shifting into
other areas. CSP services are being used to
perpetrate fraud across other industries. 23.3%
% Revenue Loss
4.0%
3.5%
%
3.0% 2017
Var
2.5%
Estimated $2.30
+2.2
2.0% Global Trillion
%
1.5%
Revenues (USD)
Estimated $29.2
1.0% -
Global Fraud Billion
23.3%
0.5% Loss (USD)
0.0% % Loss* 1.27% -0.4%
2008 2011 2013 2015 2017
8
2017 Survey
Global Fraud Loss Estimate:
$29.2 Billion (USD) annually
1.27% of global telecom revenues
The 23.2% decrease from 2015 is attributed to several factors
including:
Increased collaboration and coordination between
carriers within the industry and with law enforcement
Cessation of casual dialing on major US carrier networks
11
For more information please visit: www.cfca.org/fraudlosssurvey/
2017 Survey
What do you view as the top 5 fraud methods
GLOBALLY? 0% 2%
Total
4% 6% 8%
% of Responses
10%
PBX Hacking
IP PBX Hacking
Account Takeover
Phishing / Pharming
Payment Fraud
In 2015, the top five were: PBX Hacking, IP PBX Hacking, Subscription Fraud
(Application), Internal Fraud/Employee Theft, and Subscription Fraud (Identity)
12
2017 Survey
What do you view as the top 5 fraud methods
at YOUR COMPANY? 0.0% 1.0% 2.0% 3.0% 4.0% 5.0% 6.0% 7.0%
PBX Hacking
IP PBX Hacking
Account Takeover
Phishing / Pharming
Payment Fraud
In 2015, the top five fraud methods were PBX Hacking, IP PBX Hacking,
Subscription Fraud (Application), Dealer Fraud and Subscription Fraud (Identity)
13
2017 Survey
2017 Estimated Fraud Losses by Method
Abuse of network, device (in $ USD Billions)
or configuration
weakness; $1.3 Spoofing (IP or Dealer Fraud; $1.1 Social Engineering; $1.0
CLI/ANI); $1.3 Signalling
Payment Fraud; $1.4
Wangiri (Call Back Manipulation;
Schemes); $1.0 $0.8
Phishing / Pharming; $1.4
Robocalling; $0.9
Internal Fraud / Employee
Brand Name /
Theft; $1.5
Logo Abuse;
$0.6
Mobile
Account Takeover; $1.7 Malware; $0.6
Pre-Paid
Equipment &
Services; $0.6
SMS Faking or
Spoofing; $0.6
Abuse of Service Voicemail Hacking
Terms and (Not associated with
Conditions; $1.7 PBX Hacking); $0.6
Subscription Fraud (Credit Clip-on Fraud;
Muling/Proxy); $1.8 $0.5 IMEI
Reprogramming;
$0.6
Subscription Fraud
(Application); $1.9 SIM Cloning; $0.4
IP PBX Hacking; $1.9 Subscription Fraud
PBX Hacking; $1.9
(Identify); $2.0
14
2017 Survey
What do you view as the top 5 fraud types at
YOUR COMPANY?
(In-Network) 0.0% 5.0% 10.0% 15.0% 20.0% (Roaming) 0.0% 10.0% 20.0% 30.0%
Arbitrage
Arbitrage
In 2015, the top fraud types were: IRSF, Interconnect Bypass, Arbitrage, Premium
Rate Service, Device/Hardware Reselling and Theft/Stolen Goods
15
2017 Survey
(Combined) 2017 Estimated Fraud Losses by Type Denial of Service (DoS)
and Distributed Denial of
(in $ USD Billions) Service (DDoS); $0.6
Cable or Satellite; $0.7 Commissions Fraud;
Wholesale Fraud; $1.3 $1.0
Arbitrage; $3.3 Domestic Revenue
Theft of Content; $0.2
Share (DRSF); $1.4
Theft / Compromise of
data (e.g. logins); $0.2
Device / Hardware
Theft / Stolen Goods; $3.0 Reselling; $2.0
Service
Reselling (e.g: Private Use; $1.0 Friendly Fraud; $1.3
Call Sell); $0.5
Premium Rate
Interconnect Bypass (e.g.
Service; $2.4
SIM box); $4.3
International Revenue
Share Fraud (IRSF); $6.1
16
2017 CFCA Survey –
Fraud Locations
17
2017 Survey
Top 10 Countries That ORIGINATE Fraudulent Calls:
6%
5%
4%
3%
2%
1%
0%
In 2015, the top 3 countries were United States, Pakistan and Spain.
18
2017 Survey
Top 10 Countries Where Fraud TERMINATES:
8% 8%
7%
6%
5% 5%
4% 4% 4%
4% 3%
3% 3% 3%
3% 3%
2%
1%
0%
In 2015, the top 3 countries were Cuba, Somalia and Bosnia & Herzegovina
19
2017 CFCA Survey –
Company Losses
20
2017 Survey
What percentage of the total GLOBAL telecom
revenue base do you think is fraud?
30%
25%
22.0%
% Total Responses
19.5%
20%
17.1% 17.1%
15%
9.8% 9.8%
10%
4.9%
5%
0%
< 1% 1-2% 2-3% 3-4% 4-5% 5-10% > 10%
2013 12.3% 26.3% 15.8% 17.5% 8.8% 10.5% 8.8%
2015 18.9% 16.2% 21.6% 16.2% 13.5% 10.8% 2.7%
2017 17.1% 17.1% 22.0% 19.5% 9.8% 4.9% 9.8%
In 2013, a majority of CSPs believed fraud losses were between 1-2%. In 2015
and 2017, the consensus shifted to between 2-3%.
21
2017 Survey
Comparison Between 2011-2017 Survey
Results in YOUR COMPANY
70.0%
62%
60.0%
50.0%
40.0%
30.0%
21%
20.0%
8% 8%
10.0%
3%
0% 0%
0.0%
< 1% 1-2% 2-3% 3-4% 4-5% 5-10% > 10%
Since 2013 CSPs have report fewer fraud losses per year. In 2015, 60% of
CSPs reported losses less than 2%. In 2017, 82% reported losses less than 2%.
22
Communications Fraud Control Association
4 Becker Farm Road 4th Floor
PO BOX 954
Roseland, NJ 07068
fraud@cfca.org email
www.cfca.org website
23
About Communications Fraud
Communications fraud is the use of telecommunications products
or services with no intention of payment. Fraud negatively impacts
everyone, including residential and commercial customers. The
losses increase the communications carriers’ operating costs.
Although communications operators have increased measures to
minimize fraud and reduce their losses, criminals continue to
abuse communications networks and services. Therefore,
communications operators tend to keep their actual loss figures
and their plans for corrective measures confidential. Due to the
sensitive nature of this topic, CFCA used a confidential opinion
survey of global communications operators to support the global
fraud loss study.
24
About CFCA
CFCA is a not-for-profit global educational association that is
working to combat communications fraud. The mission of the
CFCA is to be the premier international association for revenue
assurance, loss prevention and fraud control through education
and information. By promoting a close association among
telecommunications fraud security personnel, CFCA serves as a
forum and clearinghouse of information pertaining to the
fraudulent use of communications services. For more
information, visit CFCA at www.CFCA.org.
25
Thank You
26
2017 Survey
Fraud Method Definitions:
Fraud Method Description
Abuse of network, device or configurationExploitation of a configuration weakness to gain access to a network or device; Includes VoIP equipment such
weakness as a modem or router.
Abuse of Service Terms and Conditions Violation of the carrier's service terms and conditions or acceptable use policy.
Account Takeover Manipulation and utilization of existing customer account in order to gain devices or service
Brand Name / Logo Abuse Acquisition and use of a company's logo without permission
Clip-on Fraud Stealing service by attaching wires to another customer's phone equipment
Dealer Fraud All types of fraud conducted by indirect and 3rd party dealers
IMEI Reprogramming Changing the IMEI of a handset to hide the true origination or identity of a caller
Internal Fraud / Employee Theft Theft of service or equipment by employees; Also includes abuse of company's credit and adjustment policy
Mobile Malware Compromised Mobile Applications
PBX Hacking Compromised PBX systems used to make calls
IP PBX Hacking Compromised IP PBX used to make fraudulent calls
Phishing / Pharming Theft of personal info or credentials via hacking, phishing, vishing, etc…
Pre-Paid Equipment & Services All types of fraud and abuse involving pre-paid equipment and services
Robocalling Use of computerized auto-dialers to deliver pre-recorded messages to perpetrate fraud.
Signalling Manipulation Manipulation of the SIP or SS7 signaling message to hide the true origination or identity of a caller
SIM Cloning Duplicated SIM card used to charge phone calls back to the original SIM card
SMS Faking or Spoofing Manipulation of the ANI to hide the true origination or identity of SMS or MMS
Social Engineering Manipulation of an employee or customer to unintentionally give out important information
Spoofing (IP or CLI/ANI) Manipulation of the IP address/CLI/ANI to hide someone's true origination or identity
Subscription Fraud (Application) Creation of false details to gain access to goods and services with no intention to pay
Utilization of real identity details (with authorisation for payment) to obtain goods and services with no
Subscription Fraud (Credit Muling/Proxy)
intention to pay
Utilization of a real identify without the owners knowledge to obtain goods and services with no intention to
Subscription Fraud (Identify)
pay
Voicemail Hacking (Not associated with
Compromised voicemail system used to make calls
PBX Hacking)
Wangiri (Call Back Schemes) Call back fraud schemes
Payment Fraud Utilization of stolen credit cards, debit cards or counterfeit checks in order to obtain service
27
2017 Survey
Fraud Type Definitions:
Fraud Type Description
Arbitrage Exploitation of the differences in rates between different countries
Cable or Satellite Signal theft or retransmission from a cable or satellite provider
Commissions Fraud Schemes used by dealers to collect additional commissions and spiffs
Denial of Service (DoS) and
Distributed Denial of Service An explicit attempt to make a machine or network resource unavailable to the users of a service
(DDoS)
Domestic Revenue Share Abuse of Carrier Interconnect agreements through such things as Traffic Pumping, Switch Access Stimulation, 8yy
(DRSF) Dip Pumping and CNAM Revenue pumping schemes
Device / Hardware Reselling Resold equipment such as handsets, tablets, IPTV devices, routers…
Friendly Fraud Utilization of Charge Backs, Returned Checks, Card Holder Not Present, etc… to perpetuate services
Interconnect Bypass (e.g. SIM Unauthorized insertion of traffic onto another carrier’s network. This includes Interconnect Fraud and GSM
box) Gateway Fraud or SIM Boxing.
International Revenue Share
Artificial inflation of traffic terminating to international revenue share providers
Fraud (IRSF)
Premium Rate Service Artificial inflation of traffic terminating to premium service providers
Private Use Use of a service neither directly nor indirectly paid for without rendering some kind of financial compensation
Service Reselling (e.g: Call Sell) Resale of stolen phone services
Theft / Compromise of data
Includes such things as the acquisition of personal information or intellectual property
(e.g. logins)
Theft / Stolen Goods Equipment Theft
Theft of Content Stealing content such as ringtones, games, or applications
Wholesale Fraud Exploitation of wholesale interconnect agreements
28