Shout Telecoms - Voice Fraud Detection

Voice Fraud Detection

The Shout Voice Fraud Monitoring & Alerting application allows you to reduce the high cost impact of fraud by detecting the early warning signs before the situation escalates.

The Background

One of our network clients approached us with a problem; their business customers were being targeted by fraudsters who had hacked their PBX systems and generated large amounts of fraudulent traffic. They estimated the cost of fraud to their network to be in excess of £200k per annum and wanted to work with Shout to address the problem. Whilst they accepted that it was not possible to completely prevent fraud occurring, they believed it should be possible to identify likely fraudulent traffic early enough to allow them to act and therefore limit the impact on both their customers and on the network.

The Solution

Without going into the specifics (sorry fraudsters), we developed a solution that automatically monitors the network voice traffic of every customer/subscriber and builds an expected voice traffic profile. We then added configurable alerts that enable the network security teams to adjust the % deviation against each customer's normal traffic profile at which they will be alerted. In this way the network can adjust the acceptable risk profile on both customers and calling destinations.

This allowed them to more closely monitor any unusual spikes in voice traffic to known fraud destinations like Eastern Europe, India, Pakistan, Cuba and Africa, whilst at the same time choosing to reduce alerts for individual customers who regularly call these destinations until a much higher traffic deviation occurs. The ability to configure monitoring and alerting by both destination prefix and by customer, allows our customer to limit the number of false alerts whilst ensuring high value international prefixes are closely monitored.

What fraud can the Shout system prevent?

Primarily Shout deal with the B2B departments of our larger network customers and with smaller networks specifically focused on the B2B market. Therefore, we were mostly interested in business voice fraud and in particular PBX Fraud, and that is exactly what our platform addresses. But how do criminals make money from hacking a PBX?

Put simply they gain access to the pbx configuration settings, either by sophisticated hacking tools or by simple user incompetence (incorrectly configured firewalls, poor security settings, lack of maintenance as well as the use of default passwords etc). Once inside a PBX they can exploit in-built features such as voicemail, call forwarding and call diversion to direct calls to a number of their choosing. This will often be to premium rate or international numbers. Normally this will be undertaken out of office hours and the company who owns the PBX won’t know anything about it until they get a bill from their telecoms provider for many thousands of pounds.

Fraudsters typically make money in one of two ways:

Dialling premium rate numbers that are associated with international calling companies
Dialling international numbers through the compromised telephone system

In both instances the suspects will either have a share in the revenue generated by the calls or they will be paid for their hacking services in advance.

How does Shout prevent PBX Fraud?

We prevent it by alerting a network when one of their customer's voice traffic is showing unusual spikes in traffic to high risk phone numbers both abroad and in the UK. This allows the network to take the following actions:

Contact the client to establish whether the suspicious calls are expected
Block access to international destinations for that customer - either all destinations or to those destinations that are showing unusual traffic spikes

We are able to do this because our Fraud Detection Engine has a learning algorithm that establishes an expected traffic profile for every customer on the network, and it doesn’t just establish a weekly profile, it builds an anticipated traffic profile for every day, all the way down to the international prefix and even then all the way down to the prefix for the telecoms provider and number range in those destinations.

Below is a technical diagram showing the elements of the platform, but if you would like more information about how the Shout Fraud Detection system can save both you and your customers money and heartache, please contact our sales team who will be happy to discuss the platform in more depth.

Fraud Prevention Network Diagram