Continuing our series on different types of mobile fraud, Mark Yelland analyses the risks of call selling to mobile operators.
Call selling is the practice of selling service to customers at below market rates but using another person’s system and equipment to deliver that service.
The usual practice is to sell cheap international calls to an expat community. The community may well not be aware that the service they are using is illegal and is generally in support of cheaper calls back home.
The operator may have to make payments to his international partners as they will have connected a call. He will have a potential irate customer who will be experiencing bill shock and have the option of writing off all or part of the bill and the possibility of the customer churning. There is no relationship between the fraudster and the calls being made.
In addition to the System Access Fraud described above, there are other ways of getting access to the network, some are:
- Voicemail feed through – where someone has left open their voicemail platform and as one of the options is to “dial another number” without restricting the number to be internal to the organisation.
- Stolen mobile phones – using the three-way calling to set up numerous concurrent calls from the customers to the mobile and then three-way calling to the far end.
- Seizing the circuit from a cordless phone from outside the premises
- Friendly switch engineer providing a circuit that does not generate a billing record
- Out-of-hours security accessing the PBX
The fraudster makes money by selling the calls to his customers. The key indicator is the traffic pattern unexpectedly changing for a customer.
Although the network could legally require the customer to pay for the fraudulent traffic, there is usually some compromise agreement reached. Again, the weakness being exploited is the failure of the customer to secure his equipment from external or internal threats by implementing a strong security policy.