Happy Dominion Day !

It is an unfortunate fact that the hackers of the world like to plan their attacks on public holidays when network supervision may not be at its highest.

Please remember to be vigilant this Dominion Day (Canada Day for all you young’uns) and guard access to your switches.

AurorA has to deliver any traffic that is sent to it , so you are responsible for any unauthorized access to your network. AurorA will pass on any alerts that it gets of suspicious traffic patterns. AurorA has also implemented automatic blocking of B numbers once we detect a suspicious fraudulent traffic pattern in an attempt to minimize losses.

As highlighted on this blog AurorA has taken other steps such as the weekly reports of suspicous blocked call attempts, robust and accurate dial plan and intensified focus on high quality terminating routes.

Have a safe and happy long weekend !

Timo Vainionpaa

Victoria Day, Royal Weddings and Fraud

This weekend is the unofficial start of summer here in Canada, with the first long weekend of the season. It is the Victoria Day weekend, more commonly known as May Two-Four. On top of that there will be a Royal Wedding on Saturday as Prince Harry and Ms. Meghan Markle tie the knot at St George’s Chapel at Windsor Castle. And that will be followed by the FA Cup being contested at Wembley Stadium (Go Chelsea !).

ALERT ! It is an unfortunate fact that the hackers of the world like to plan their attacks on public holidays when network supervision may not be at its highest. There is so much going on that the criminals will be out in force relying on our attention being diverted elsewhere.

Please remember to be vigilant this Victoria Day long weekend and guard access to your switches.

AurorA has to deliver any traffic that is sent to it , so you are responsible for any unauthorized access to your network. AurorA will pass on any alerts that it gets of suspicious traffic patterns. AurorA has also implemented automatic blocking of B numbers once we detect a suspicious fraudulent traffic pattern in an attempt to minimize losses.

As highlighted on this blog AurorA has taken other steps such as the weekly reports of suspicous blocked call attempts, robust and accurate dial plan and intensified focus on high quality terminating routes.

Have a safe and happy Victoria Day weekend and enjoy the fireworks. Blessings to the Royal couple, Harry and Meghan.

Timo Vainionpaa

Telecom Fraud never takes a holiday

It is an unfortunate fact that the hackers of the world like to plan their attacks on public holidays when network supervision may not be at its highest.

Please remember to be vigilant this Easter season and guard access to your switches.

AurorA has to deliver any traffic that is sent to it , so you are responsible for any unauthorized access to your network. AurorA will pass on any alerts that it gets of suspicious traffic patterns. AurorA has also implemented automatic blocking of B numbers once we detect a suspicious fraudulent traffic pattern in an attempt to minimize losses. 

As highlighted on this blog AurorA has taken other steps such as the weekly reports of suspicous blocked call attempts, robust and accurate dial plan and intensified focus on high quality terminating routes.

Have a safe and happy Easter season .

Timo Vainionpaa

Fraud Protection – Caribbean

In our last few posts we have outlined some of the fraud threats that we face in providing international voice termination. Specifically we have looked at International Revenue Sharing Fraud. See my posts here and here

Today I want to alert you to the new hotspot for fraud, the Caribbean. Certain carriers in the Caribbean are reselling telephone numbers for Revenue Sharing and assigning them to hackers.

This is a huge threat for fraud. First, it is not viable to block the whole route as most carriers have legitimate traffic to the destination, especially here in Canada where there is a large diaspora from the Islands. Blocking all of Albania-Mobile is easy to do, your customers don’t call there. Blocking all of Jamaica- Mobile is a non-starter.

Secondly, the Caribbean is covered by the North-American Numbering Plan so the destinations don’t appear to be international calls. They follow the same one plus area code dialling pattern as Canada and the United States. Thus for end customers and their PBX’s, they may not have prepared for fraud from these numbers as they would have for other overseas calls.

Please be extra vigilant about protecting your networks and customers against this threat. The issue is being raised between carriers through international forums, but these discussions take time to bear fruit.

Fraud Protection – Dial Plan Algebra

AurorA has operated in the International Telecommunications market since 1994. Since that time the telecom landscape has evolved and transformed and the pace of change has accelerated. The liberalization and deregulation of telecoms since the 1990’s, the move to native Internet Protocol (VoIP) and the deployment of fiber optic networks spanning the globe have driven voice termination prices steadily downwards. Per Telegeography, the annual CAGR for International Telephony between 1983 and 2007 was 15%; if we now include Skype and other OTT apps international voice traffic is still growing over 15% per year. People still want to talk with friends, family and business associates overseas.

International Telecommunications has become a high volume, low margin industry. That is why we believe that you should trust your traffic to a partner who provides value beyond simply completing calls at “the lowest rate” via Least Cost Routing (LCR). That approach can actually cost you big time ! You want a partner who provides high quality service and is motivated in protecting you and your customers from fraud, because even a single money-losing event is one too many and can wipe away any per-minute savings in an hour.

There are numerous sophisticated telecom fraud schemes in the world. Some have been around for decades, others are new and improved. The estimated global telecom toll fraud is US$38 billion in losses per year. The CFCA, Communications Fraud Control Association, cites telecom fraud as the #1 fraud committed outpacing identity theft, IRS fraud and credit card theft.

What can we do to mitigate and minimize the losses to the criminal gangs and hackers ?
– Identify suspicious traffic
– Provide alerts
– Block the suspicious traffic (while ensuring customer doesn’t reroute call to next route on LCR)
– Maintain a database and continue to block previous identified fraudulent destinations
– Ensure a meticulous, accurate worldwide dial plan

Dial Plan ? How does my A to Z route guide help mitigate fraud exposure? Well let me go through the list and explain.

The global network carries hundreds of billions of voice minutes on an annual basis by wholesale carriers such as Tata, Orange, T-Systems etc. Using Big Data and AI, these carriers can detect suspicious call patterns and trends. Even with the size and complexity involved, this takes place in near real-time. Once detected, an alert is promptly sent to the affected customer.

At AurorA we go a step beyond that by pro-actively blocking the suspicious traffic stream immediately upon the alert (for all of our customers). Blocking, however, is only part of the solution. To keep your route guide from automatically going to the next choice, the proper non-routable ISUP/SIP release code is sent to indicate fraud blocked numbers so that it doesn’t just propagate through the route guide.

By maintaining a database of fraud events, we can also pro-actively block specific numbers/ranges where fraud has been detected before. Traffic is then monitored for any call attempts made to known fraudulent numbers as well as to any unallocated number ranges.

Calls to unallocated numbers may be fraud as well. A reseller may make a deal with the number range owner, usually in a low volume, high cost destination for exclusive rights to certain of these number ranges. Often they are called premium or “special” (see my post http://www.amitel.com/premium/ ) A regular report of call attempts made to blocked numbers can be a warning sign of criminals testing your network, to see if calls complete to their chosen fraudulent numbers.

The key is to ensure that your dial plan is constantly up-to-date with current worldwide numbering (updated weekly) and that you avoid using carriers that have a plethora of such premium or special number ranges on their dial plans. Further safety can come by pro-actively blocking high-rate destinations where you know that your end customer base has no call volume to.

Choose to use a quality, reputable carrier who you trust with your overseas calls.
If you have any further questions, please feel free to contact us.

Also, thanks to Robert Benlolo of Tata whose expertise in this field provided me with guidance.

Premium Numbers and Fraud

AurorA has been in the International Telecommunications space since 1994. Route guides for terminating traffic used to be simple; there was a rate per country to terminate a call to a landline telephone and maybe, maybe a second rate to terminate a call to the new cellphones. There were less than 300 lines on the spreadsheet.

Now, there are carriers whose A-to-Z rate sheet can offer thousands of pricing codes; still the landline rate with perhaps some other routes to major cities and a breakout now for each mobile carrier in the country but there are also an increased amount of expensive premium rates that are a potential risk for fraud.

In Canada and the U.S. in the 1990’s there was an explosion in the use of 900 or 976 numbers to offer premium services at a high per minute call rate that would be charged to the caller on their phone bill. Examples included weather reports, psychic hot lines and especially adult (phone sex) chat lines. The high per minute rates could lead to large phone bills very quickly and scammers would use all kinds of tactics to get people to call these numbers as they would get a split of the revenue from the phone company for each call. Consumers and businesses smartened up and blocked 900/976 number and eventually the Internet came and killed that particular market.

Overseas countries still have premium numbers and they live on through various names; Special Services, Non-Geographic Numbers, Universal Numbers, Telematic Services. etc. These numbers are premium in that usually they are at least ten times the rate of normal termination. They can have some legitimate applications; for example non-geographic numbers refers to a remote number, not tied to a physical destination such as if I wanted a Cyprus number to ring to my cellphone when I was elsewhere so my Cyprus customers could reach me.

They can be used for darker purposes though, through a scam called International Revenue Sharing Fraud (IRSF). In IRSF, the carrier in the far end country that owns the number ranges, leverage blocks of numbers they own by applying higher rates and assigning them to resellers outside of the country. Then hackers obtain these numbers, attack PBX’s and IP PBX’s and then machine generate calls. They then share the burst of revenue generated with the carrier in the country that owned these numbers providing a quick source of cash.

So how can you protect yourself ? It comes down to your own dial plan. You want to make sure that you don’t allow access to any premium numbers with such creative names like those listed above. Secondly , when choosing what international carrier to use to terminate your traffic with, beware of those whose own dial plans are riddled with such premium ranges, even if they seem to have low rates otherwise. It may be an arbitrage ambush. If they have many more premium pricing breakouts that do not exist on other carriers rate sheets you should avoid them. It doesn’t take many calls to the premium numbers to swamp any anticipated savings from using their “low” per-minute rates.

Choose to use a quality, reputable carrier for who you trust with your overseas calls.
Don’t be like those people in the photo when your bill comes in.
If you have any further questions, please feel free to contact us.

Also, thanks to Robert Benlolo of Tata whose expertise in this field provided me with guidance.