The new joint Cyber-Telecom Crime Report 2019, published by Europol and Trend Micro today focusses on the dangers resulting from our reliance on telecommunications technology and the ways cyber-criminals exploit vulnerabilities and access information.
It gives an overview of how telecom fraud works and provides a technical guide for stakeholders in the telecoms industry.
Over €29 billion per year
Telecom fraud is described as a low-risk alternative to traditional financial crime due to reduced cost and increased availability of hacking equipment. The cost of telecommunications fraud is estimated at €29 billion a year.
The main goal of criminals is to gain access to customers’ or carriers’ accounts, where debt can be incurred in the criminal’s favour. Attacks include:
Vishing calls. Vishing - a phone scam in which fraudsters trick victims into divulging their personal, ?nancial or security information or into transferring money to them.
One (ring) and cut or Wangiri -Japanese for ‘one ring and drop the call’ – where criminals trick victims into calling premium rate numbers. A fraudster will set up a system to dial a large number of random phone numbers. Each call rings just once then hangs up, leaving a missed call on the recipients’ phones. Users often see the missed call and, believing it to be legitimate, call the premium rate number back.
International Revenue Sharing Fraud (IRSF) involves transferring monetary value from one carrier to another, based on the inter-carrier trust between telecom operators. Patient fraudsters wait for the logs to expire before executing any further money laundering steps.
The cyber-telecom intelligence fusion
The Europol EC3 CyTel working group, created in 2018, brings together more than 70 experts from law enforcement and global partners from the telecommunications industry, in order to share intelligence, knowledge and experience, and the techniques required to combat this type of fraud.
‘Telecommunications fraud is another example of criminals "hacking the system" in order to abuse legitimate enterprises for criminal gain,’ said Steven Wilson, head of the Europol’s European Cybercrime Centre, ‘While this is not a new crime area, it does represent a new challenge for many law enforcement agencies throughout the European Union.’
Craig Gibson, principal threat defence architect at Trend Micro, added: ‘We trust that our phones will work, that we can work from home, that we can be paid through our ATM accounts, and that we can shop online. We tend not to think about what is under the covers of the unseen global network we rely on so much.’
Alongside the report, Europol has launched its #TelecomFraud awareness webpage.