July 16, 2019
Telco Fraud: Why this Industry is Unique in the Cybercrime Landscape
Posted January 15, 2019
According to a new report from ThreatMetrix telco fraud is quickly taking on new contours that could spell big trouble in the year ahead, thanks in no small part to the unique position this industry finds itself within a rapidly changing threat landscape.
Indeed, with online and mobile technologies redefining their role as an essential enabler of the digital world, telcos are quickly finding themselves equal parts victim, source, and avenue for cyberattacks that threaten their bottom lines.
Fraud in all its forms already costs the global telecommunications industry somewhere between $17 billion and $29 billion per year. But as we enter 2019, those numbers could spike significantly as the industry races to mitigate its trifecta of cyber-challenges—and find solutions by assessing the risks and trends in fraud being felt throughout the industry and beyond.
Endpoint Attacks: ID Fraud and Account Takeover
The accelerating move into digital channels to meet the demands of today’s want-it-now consumer and booming global demand for exciting new mobile services are creating a double-edge sword. The same technologies fueling growth also make it easier for thieves to defraud operators and consumers alike, thanks to the cheap sale of billions of stolen identity credentials.
Case in point: Subscription fraud, which involves the use of stolen identity credentials to open up new accounts or to take over existing ones in order to acquire pricey new smartphones and post-paid services to sell online.
Data from the ThreatMetrix Identity Abuse Index shows that spikes in the exploitation of stolen identity information have correlated with high-profile handset launches for the past four years, including particularly large increases seen around rollouts of new iPhones in September 2015 and January 2018.
By some industry estimates, telco subscription fraud now costs the industry more than $12 billion a year, though some peg losses at between 3% and 10% of operators’ annual profits, which would put potential losses much higher. This can go undiscovered by consumers for months.
Channel of Attack: Data Access and Social Engineering
One thing telcos are learning as they open up new channels is the need to provide simple, easy access to accounts in order to stay competitive in an increasingly crowded field. But that same push for ease helps open up their networks to becoming gateways for fraud.
As the New York Times reported in late December, for about the price of lunch at a fast-food restaurant, thieves and spies are buying and erecting cell site simulators that trick smartphones into connecting with them without the owner’s knowledge, redirecting and intercepting text messages containing one-time passwords for bank customers, among other schemes.
According to the Financial Times, there also were nearly 35,000 instances of authorized push payment fraud in just the first six months of 2018, in which fraudsters sent text messages that tricked victims into transferring £145 million directly to them. Average lost per victim: £11,402.
In other attacks, fraudsters impersonate operators and contact customers with the promise of helping fix a slow Internet connection, or claiming that a customer’s personal details have been hacked. The fraudster then tricks the customer into handing over remote access to their computer, eventually conning them into forking over banking credentials via fake login screens.
The Source of Attack: App Fraud and SIM Swaps
Sometimes, fraudsters target account takeovers not to defraud the operator through handset theft and subscription fraud, but rather to target consumers by manipulating their services and apps. As the origin of such attacks, operators risk serious reputational damage that can destroy their competitive standing.
Think about it. Many mobile services and apps use the mobile device as the contact point for identity verification, with mobile accounts becoming a key part of the authentication journey—most notably banking.
Among the most nefarious of all attacks: the SIM swap, in which fraudsters use stolen identity information to trick an unsuspecting (or sometimes, complicit) telco call-center employee into moving the victim’s mobile phone number to a different SIM card. Once that switch has been completed, fraudsters can then reset passwords on the victim’s accounts—including banking—by using the redirected victim’s mobile phone number as an authentication token.
In November, for instance, word hit that a 21-year-old is facing prosecution for a SIM swapping scheme that allegedly resulted in the theft of one victim’s entire life savings, and more than $1 million overall.
Unique Role, Common Challenges
None of this is happening in a vacuum, of course. As telcos become more aware of the threats to their emerging digital channels, they’ll increasingly recognize the need to watch cybercrime trends in related sectors in order to address evolving attack patterns in their own.
As telcos establish themselves as digital merchants in the selling and financing of handsets and contracts, for instance, they are likely to face many of the same challenges seen by eCommerce merchants. In that sector, ThreatMetrix data finds new account creation attacks grew 130% in the second quarter of 2018 compared to the same period in 2017.
Meanwhile, the media industry is similarly finding itself a channel for a growing number of cyberattacks, as fraudulent account creations are the key stepping stone to phishing and social engineering ploys. And given its role as an authenticator, mobile will be ground zero for attacks in financial services, which are growing at almost twice the rate of overall attacks in the sector. All of these trends point to threats telcos can expect in the year ahead.
A Call to Arms
Just as with these other industries, effective protection against fraud in telecommunications will rely on modern, enterprise-class identity solutions that can accurately distinguish between legitimate customers and cybercriminals in near real time. Look for solutions that offer globally-crowdsourced identity and threat intelligence, which prove especially effective for telcos facing threats on every front.
It won’t be easy. But the few that navigate these challenges most effectively are likely to rank among the best positioned for success in a booming (and dangerous) marketplace in 2019 and beyond.
To learn more about these threats and how to counteract them download a copy of “Understanding the Unique Telco Role in the Evolving Cybercrime Landscape”