Telecommunication operators globally are losing $40 billion a year to fraud, according to The Kroll Annual Global Fraud Report 2011. Given that the mobile sector in Africa is a roaring success, it is inevitable that operators there will also be open to fraudulent practices that are eating into revenues. Olubayo Abiodun, Clifford Agugoesi and Chimezie Ndubisi give examples of how this intricate web of deceit is being sown in Africa.
A recent paper produced by the Department of Computer Science Department of the University of Pretoria in South Africa noted: “Telecommunications fraud, already a major threat in currently specialised networks for voice and data traffic, is expected to increase in upcoming converged networks referred to as Next Generation Networks (NGNs). Due to some of their key characteristics, such as being based on the Internet Protocol, NGNs create new challenges for effective fraud detection. Besides, as they enable the provision of innovative services, NGNs may also give rise to new fraud scenarios that cannot be addressed by existing fraud management systems (FMS), as these systems are highly service-specific. More appropriate tools are therefore needed for improved NGN fraud detection.”
A survey by Association of Certified Examiners, the world’s largest anti-fraud organisation and premier provider of anti-fraud training and education, also highlighted the problem, pointed out that on the average companies lose five per cent of their annual revenue to fraud.
With 735 million mobile subscribers at the end of 2012, Africa is deemed to be the fastest growing mobile market in the world is the second largest mobile market in the world, behind Asia. This market size has brought with it a huge opportunity for messaging abuse, which includes spammers, fraudsters and illegitimate users, resulting in revenue leakages and disputes for mobile network operators.
On an annual basis, telecoms fraud is costing operators an estimated $40 billion in losses globally. But with better tools and procedures needed to address the problem, according to a report from research firm Heavy Reading, these challenges can be surmounted.
The $40 billion total is the equivalent of nearly two per cent of the $2 trillion annual telecoms revenue worldwide with additional services like mobile-based offerings increasing the fraud risk for operators. The report found that long-established fraud problems continue to drain service provider resources, with PBX hacking techniques forming the greater chunk of the fraud challenge in the mobile ecosystem.
Experts have identified the common fraud related activities in telecoms as including R/IC (International Roaming and Interconnect), revenue leakages during provisioning and switching, IMSI/ISDN mapping – serial theft, CDR manipulations and mobile money – interceptions, among others.
The fraudsters are always devising new methods to stay ahead of the legitimate business owners and operators. In telecoms parlance they are described as illegal SIM-box operators. These hackers use SIM-boxes and the internet to disguise international calls as local calls, and with it they make huge profits at the expense of legal operators. Their trick, which is known as “bypass”, enables the fraudsters to avoid the other taxes and other costs associated with international telecommunications.
Gloval Voice Group(GVG), the world leader in telecommunications governance technologies, has made a very positive assessment of its operations against telecoms fraud in Africa. According to a recent study carried out by the US-based Communications Fraud Control Association (CFCA), “bypass” is a global telecoms phenomenon that affects all international operators, by causing them to experience financial losses of close to three billion dollars each year.
The Gambia is one African country that has had a fair share of illegal bypasses. Last year, local newspaper reported that three people were arrested for bypassing the international gateway of the Gambia Telecommunications Company (Gamcel) thereby defrauding it of huge amounts of money.
The three accused were Alhagie Bah, a Gambian; Christiana Brown, a Sri Lanka national; and Muhammed Bangura, from Sierra Leone. Bah allegedly bought huge amounts of Nopal credit from Gamcel, an average credit that was not normal for one person’s use, immediately arousing suspicions from Gamcel officials.
During investigation, police recovered seven SIM boxes that the accused used as gateway. A police statement said that this has resulted in Gamcel losing the sum of D26 million.
Commenting on the development, a senior staff of Gamcel, who spoke on condition of anonymity, told reporters that the international gateway could be in different countries. He disclosed that the accused carried out their fraudulent act for two months. They made test calls everyday, spending between D10, 000 and D15, 000, in order to protect the system.
Another major form of telecoms fraud is the recharge card theft. Telecel, the second largest mobile operator in Zimbabwe, recorded a phenomenal case in 2010 when it uncovered a recharge cards fraud worth $ 1.7 million. It was discovered that some Telcel staff members swindled the company by issuing recharge cards and starter packs using manual invoices, a method that had long been discarded by Telecel. The company was lucky because it is very difficult to discover internal fraud.
This, though, is not limited to Telecel, but many operators across Africa would rather stay silent on internal fraud to avoid unwanted publicity. Operators in Nigeria, Kenya, Ghana, South Africa, Cameroon, Uganda, and Ethiopia have also recorded of scratch card thefts, but have chosen to keep silent on the development.
Econet is another victim of scratch card fraud. Martin Dingwa allegedly manipulated Econet’s system and produced his own airtime cards that he sold in the city, thereby costing the company $530 million in lost revenue, according to The Herald of Zimbabwe.
In Uganda, mobile money fraud cost telecom giant MTN Uganda an estimated Shs16bn ($6.037m) in one year. The Observer newspaper, quoting a police source, said the most affected companies hated to publicise their misfortune for fear of losing the confidence of their customers.
Part of the internal control measures already taken by the MTN Uganda includes the installation of software to ensure that their internal online communications cannot be forwarded or accessed outside the office. This is aimed to guard against such ugly secret leaks to the public. This arrangement seemed to discomfiture the police who would prefer to have the fraudsters nabbed by the long arms of the law.
The Observer reported that MTN lost Shs450m ($169,811) to fraud by its employees. Another Shs450m was intercepted before it could get to its final destination. The fraud involved the culprits obtaining a given mobile phone number for just a few hours. During this period the phone would show that there was no network.
At this point the fraudsters would then swap the phone number by accessing the serial number on the SIM card. The number would then be swapped for the fraudsters’ mobile phones where the original owner’s line ‘sits’ on the fraudsters’ line. Money would then be sent from an MTN account to that phone number. It would, however, end up on the fraudulent SIM card. The money would then be withdrawn using the fraudulent SIM card. This scheme is referred to as IMSI/ISDN mapping – serial theft. And, like in other instances where fraud has been detected, the telco preferred to keep mute in order to protect the integrity of its network and services.
It was also reported that in May 2012, another scam involving MTN Uganda staff was uncovered. The employees of the telco were allegedly involved in the manipulation of the mobile money suspense account – where cash from poorly executed transactions is kept. They stole up to Shs15bn ($1.67m).
According to local media, the same company reported another scam in August 2012 where it was alleged that between 2009 and 2012, one of the company’s suppliers, Three Ways Shipping, submitted fictitious invoices of $3.8 billion as shipping charges for network equipment purportedly for MTN. However, no goods had been supplied to MTN.
Foreigners are also at it in Uganda. Four Bulgarians resident in the country, who used fraudulent means to access bank details of legitimate Stanbic Bank account holders, were nabbed in August last year. They used a microchip inserted in the ATM machine to access PIN numbers. They will then clone the bank customers’ card and start withdrawing money from these accounts at will.
The Observer reported that secrecy compounds the frustration the police have to contend with. According to the newspaper, the other drawback is the weak penalties handed out to those convicted under the Computer Misuse Act, Electronic Transactions Act and the Electronic Signature Act, which deals with cyber crime. According to the paper, the police find it difficult to provide assistance because the companies preferred silence.
The litany of fraud in Africa goes on. In Namibia, a former Telecom Namibia procurement manager, Ivan Ganes, was last month found guilty of defrauding the parastatal N$1.12 million. The fraud was perpetrated repeatedly over a period of nine months between March 22 and December 14, 2000.
Ganes, 49, admitted that he fraudulently under-invoiced a Windhoek scrap dealer, Dresselhaus Scrap CC, for copper wire that the firm was buying from Telecom Namibia and that he unlawfully allowed the firm to make Telecom Namibia pay for removing the copper wire from redundant phone lines.
In the process, Telecom earned some N$419,459 less than it should have from the sale of the copper wire, and it lost an additional N$705,709 because of the removal costs paid to Dresselhaus Scrap.
Ganes had had his estate sequestrated in South Africa with N$1.22 million being paid from his estate to Telecom Namibia. He joined Telecom Namibia in 1995 as the company’s procurement manager, earning of salary of N$15,000 per month.
In Ghana the authorities have intensified their crackdown on SIM box fraudsters with several new arrests, including a five-member SIM box fraud syndicate operating in Accra and the US.
SIM box fraud is a phenomenon, which involves conversion of international traffic to a local status through fraudulent manipulation. This entails buying large volumes of SIM cards and using them to channel calls away from legitimate operators at a lower cost.
The five accused were charged with unauthorised access or interception of electronic records, possessing illegal devices, providing electronic communications services without a licence, knowingly interfering with the sending, transmission, delivery and reception of communication and abetment of crime.
Communications Minister Haruna Iddrisu has pledged that the government will relentlessly fight the menace of SIM box fraud, which is cheating both the state and telecoms operators of millions of dollars in revenue.
In the mobile telecoms ecosystem, one area that has given the authorities in South Africa sleepless nights is SIM swap that fraudsters use to commit large-scale fraud. Operators such as MTN said they had taken firm action to prevent a repeat of a fraud incident in which an online syndicate hacked into the bank account of a local charity and stole thousands through a SIM swap.
According to the report, Novalis Ubuntu Institute lost almost R100, 000 ($10,745) when a Johannesburg-based syndicate hacked into its bank account. Crucial to the crime was the syndicate’s success in discovering the bank’s highest online security measure – the one-time password necessary for carrying out the transaction. The Ubuntu project looks after orphaned and vulnerable children.
How was the crime executed? Similar to the method used by fraudsters in Uganda, the fraudsters took advantage of the SIM swap policy by asking MTN to swap a SIM card so that the one-time password was sent to them and not to Ubuntu’s chief financial officer, Anne-Lise Bure. A total of R90,460 (US$9,720) was taken from her Standard Bank internet banking account.
A SIM swap allows a mobile phone owner to replace a SIM card, whether through damage or loss of a mobile phone, while keeping the same mobile phone number. With the successful SIM swap, the fraudsters went ahead to clone Bure’s SIM card and with that the fraudsters were able to hack into the account, create a new beneficiary – which can be done only when the bank sends a client the one-time password via SMS – and transferred the money into several accounts. The syndicate, armed with a fraudulent ID book in Bure’s name, persuaded MTN to swap the SIM card in Bure’s absence.
Narrating her account of this development in an Online report, Bure said from what she could establish was that a man went to an MTN in Johannesburg acting as her driver. The driver purportedly told a sales consultant that he was sent by Bure to do a SIM card swap. When an MTN consultant told the fraudster he couldn’t do the SIM swap without Bure being present, the “driver” said she was “very busy”. He asked the dealer to phone her and gave him a number. The woman who answered claimed to be Bure and asked the MTN Consultant to do the SIM swap, which he did. Four days later, Bure was shocked to find the bank account empty.
An official of MTN, according to the Online report, said that it was apparent that the fraudsters already had enough information on Bure to defraud her, without the MTN details. “The perception exists that this fraud is as a result of MTN’s processes failing, when in fact the victim is partially to blame for not protecting sensitive information such as bank account numbers and passwords.
“The incident happened at a dealer store where it seems the personal authentication process broke down. We are implementing an auto SMS function to inform the subscriber that a SIM swap has been requested on his or her account prior to proceeding with the SIM swap transaction. This will allow the subscriber time to contact MTN in the event that they did not request the SIM swap.”
Like most other operators across the world, MTN Nigeria would prefer to keep mum on any irregularity concerning its operations, even when a local Nigerian newspaper revealed a N600 million ($4.9million) fraud perpetrated by unidentified staff in collaboration with external agents.
The newspaper reported that the fraud was carried out by three personnel in the company’s engineering department, who allegedly colluded with contractors building the base stations for the company to inflate contract prices.
But mobile fraud is the most troubling for the management of MTN Nigeria. This is the reason why the company, in Q3 2012, announced a comprehensive solution to deal with mobile fraud in an effort to protect subscribers on its network. The solution deployed by the company is a four-digit security number for all its subscribers. The company explained that the security number would also enable all its registered subscribers access to service channels including Walk-in Centres, Customer Care Help line 180, Web Self Service and My IVR-181
MTN Nigeria’s Customer Relations Executive Akin Braithwaite said the four-digit number offered customers security and protection from mobile fraud while providing uniform authentication and unique identity on MTN’s network. “The security number consists of a 12 digit customer identification number and four digit security key and is totally unique and personal to each customer.”
He said the security number was designed to also significantly improve customer experience on the MTN network by empowering customers to resolve most of their issues using a number of avenues. “The security number opens the door to a world of convenience and ‘Do It Yourself’ for the over 40 million customers on the MTN network provided they have registered their SIM cards,” he said.
While the hackers were busy perfecting there art of dumping on the network of operators, the laboratory was also kept busy by GVG, which developed the tools for dismantling the fraud capabilities of the tricksters. Since 2009, the company has focused on solving the growing problem of illegal SIM-box operators.
Chief Executive Officer of the Telecommunications UK Fraud Forum (TUFF) Jack Wraith believes that the way to combat telecoms fraud is through information sharing. In an exclusive podcast with Telecoms IQ, Wraith said: “In order for legitimate communication service providers to combat the attacks against them and their systems, it is critical that information is shared between operators on a much wider basis than traditionally has been done.”
The scale of telecoms fraud and the prevalence of this challenge have led to the creation of skills specialisation within the telecoms fraud paradigm. Even training needs have been designed to meet specific niche programmes. In some instances, the pervasiveness of the telecoms fraud challenge has become critical focus in areas such as Fraud Management System (FMS) Analysts, Fraud Investigators, Internal Auditors, Network Security, IT Security, Business Intelligence Analysts, or Fraud and Revenue Assurance Teams.
Frauds have become so sophisticated and training requirements have to be delineated in a way that specialists in specific areas are well groomed. Specialist trainings now focus on specific need areas such as Telecoms Fraud & Cyber Crime Standard Practices, Fraud Management Systems & Criminal Forensic Systems, Security Fundamentals for the Telecoms Voice Networks, Security Fundamentals for Internet Networks, Internet Cyber Crimes – Network Intrusion and Social Engineering, Hacking Telecoms Systems – Network & Radio Side Intrusions, Interconnect Settlements & Injection Frauds, Interconnect Bypass, SIM Box & Diversion Frauds, Roaming Frauds – IRSF, CAMEL & Credit Exploits and Subscription Fraud, Customer Frauds & Credit Management.
GVG provides regulators with antifraud technologies that have the capacity to identify grey routes and to detect fraudulent lines in less than one hour, thus enabling legal operators to disconnect them promptly.
In this way, GVG has contributed to disconnecting hundreds of thousands of suspicious or fraudulent lines in Ghana and Guinea. The company has implemented the same antifraud system in the Republic of Congo and, more recently, in Liberia and Rwanda. Furthermore, GVG helped regulation authorities to set up antifraud units in cooperation with the judiciary system and the local operators and took part in investigations that led to the dismantling of several clandestine networks.
GVG’s anti-fraud programme was developed specifically for the benefit of regulation authorities wishing to coordinate the fight against bypass fraud themselves and to optimise the collaboration between all stakeholders. On the basis of this new approach, the fight against fraud is no longer the sole responsibility of each African operator’s internal management; it is now increasingly dealt with in a climate of consultation, under the leadership of an authority possessing the relevant competence and independence.
Vice-President of GVG, Francois Dugue said: “The regulator’s role is to protect the interests of all stakeholders. Obviously, this includes the interests of African States that collect premiums on international incoming calls, in accordance with both ITU recommendations regarding network externalities and their own national policies. However, these policies have a number of opponents who have said that premiums collections contribute to the increase in bypass fraud and therefore advocate their abolition.
“This kind of reasoning implies that states should merely give up on their sovereign right to widen or strengthen their tax base, under the pretext that this may encourage fraud. Rather, he stated that GVG’s revenue assurance programme and its integrated antifraud component, aim to protect the operators’ revenues while ensuring sustainable conditions for the optimal enforcement of African States’ pricing or tax policies.”