Spam, phishing, wangiri, etc are driving an increase in voice fraud
35% increase
105% increase
Voice attacks
A decrease in outbound attacks (for example IRSF) is balancing out the rise of voice fraud
This is due to:
The number of voice fraud attacks has grown steadily between 2021 and 2023, reflecting the global trend. However, in Q1 of 2024, there was a sharp increase of 35% compared to Q3 of 2023; if the trend continues, voice fraud will easily be the most dangerous type of fraud for operators and consumers alike.
Interestingly, the spike in voice fraud is no longer fueled by more traditional, outbound traffic fraud. In fact, the rates of outbound traffic fraud, such as IRSF (International Revenue Share Fraud), which once accounted for over are now in decline. This shows that prevention solutions for this type of traffic have become a lot more sophisticated and successful at putting a stop to fraud attacks.
The uptick in voice fraud is instead driven by spam calls, which are notoriously more difficult to filter and block than outbound fraud. MNOs’ focus should be on updating their voice fraud protection solutions to minimize the risk represented by spam calls.
These tactics generate fraudulent revenue by tricking victims into accepting calls or messages from costly international or premium numbers, urging the end users to issue payments through malicious means or by obtaining personal information from consumers in a deceitful manner. Common examples in voice services include:
One of the most harmful types of spam call, Wangiri consists in fraudsters tricking people into calling premium rate phone numbers. “Wangiri” is Japanese for “one ring and drop”: fraudsters usually call victims from a premium rate number but hang up after just one ring, encouraging victims to call back to find out what the missed call was about. The victims then start paying for a premium rate call, and criminals benefit from the related fees.
In 2023, one of the UK’s leading operators, Vodafone, issued a warning to all customers who own an Android smartphone or iPhone about Wangiri fraud, offering refunds to all those affected. While no data was shared regarding the volume of Wangiri fraud Vodafone customers had encountered, it is likely to be substantial if it warranted a large-scale warning.
Phishing is one of the oldest tricks in the book. Fraudsters use scam calls to trick victims into sharing personal information or giving away money directly. Recently, the volume of phishing calls has increased, likely due to technological advancements. Cybercriminals can now use artificial intelligence to faithfully mimic the voices of real people, greatly increasing the likelihood of victims believing they are on the phone with someone they know. This represents a huge risk for operators wishing to keep their customers safe.
The rate of AI-generated spam calls has risen so much in recent years that the US Federal Communications Commission officially outlawed them in February 2024, in a unanimous decision. This came after thousands of voters received an unsolicited call using President Biden’s fake voice, instructing them to abstain from voting in the primary elections.
Generates fraudulent revenue through increased outbound traffic on the network.
International Revenue Share Fraud (IRSF) is a pervasive form of fraud where attackers artificially inflate traffic to premium rate numbers. This is usually done by using stolen SIM cards, compromised infrastructure or compromised mobile devices to make void calls to premium numbers and taking advantage of OTP requests. Attackers make a profit from each individual transaction, amounting to significant losses for the operator over the long term.
Though the volume of IRSF fraud has been on the decline in recent years, it remains a significant problem for mobile operators – so much so that the Global Leaders’ Forum and i3Forum have recently released a new Code of Conduct to fight this specific type of fraud. The updated Code of Conduct sets out new principles to combat fraudsters, such as monitoring and reporting fraudulent activity and taking timely steps to stop payments to fraudsters.
Introduction: new risks require new solutions
Chapter 1 | The impact of inbound and outbound voice fraud attacks
Chapter 2 | Smishing, AIT, and other challenges facing SMS
Chapter 3 | Fraudsters target entire telecommunications networks
Chapter 4 | Comprehensive solutions for a complex problem