Sometimes security risk is obvious. The need for hacker detection and prevention is obvious when it comes to online ordering. Sometimes the risk is present but more subtle, however. Such is the case with VoIP fraud.
VoIP fraud flies under the radar because most people have grown up around telecommunications that was hard to steal. Sure, a young Steve Jobs figured out how to hack AT&T (News - Alert) for free long distance, but most people have not even thought about the possibility of having their phone line hijacked because it was an analogue process that was hard to steal.
Not so with VoIP. A hacker can relatively easily hack into a company’s VoIP-based PBX (News - Alert) system and leverage the theft to place expensive international calls and include the hijacked PBX in international schemes.
“Most enterprises who are victims of VoIP fraud don’t ever realize that they have been hacked, and the problem isn’t caught by VoIP providers sometimes for days,” noted a recent blog post by VoIP software provider, TransNexus (News - Alert).
It noted that a single fraud event can cost VoIP providers between $5,000 and $50,000, and this is usually borne by the provider because customers refuse to pay the charges that come from such theft.
Evidence indicates that VoIP theft is on the rise, too. There were nearly 83,000 fraud complaints in 2011, according to watchdog group, the Australian Competition and Consumer Commission (ACCC) and reported by the TransNexus blog. That’s almost double the complaints from 2010 and quadruple the number from 2009. The ACCC estimated that nearly 20 percent of the fraud complains received in 2011 involved telecommunications hacking.
Not that all VoIP theft goes unnoticed. A recent high-profile incident involved four hackers in the Philippines who were involved with organizing an attack on the clients of AT&T. The incident cost AT&T more than $2 million, the TransNexus blog noted.
Such theft is why TransNexus, at least, has made VoIP theft prevention and detection a priority. In January, the company announced a fraud detection module in its flagship NexOSS lease cost routing product.
The module works by detecting spikes in customer call traffic, according to the TransNexus blog, automatically blacklisting suspicious routes and temporarily suspending them from the routing table.
TransNexus also unveiled a new version of its SDReporter product with new fraud detection features at the COMPTEL (News - Alert) PLUS Spring 2012 Convention & EXPO in San Francisco.
SDReporter is a reporting package designed to analyze quality of service (QoS) statistics and Call Detail Records (CDRs) reported by an enterprises’ SBC or PBX, according to the blog. The latest release is able to recognize potential fraud events in near real-time and send automatic email or SNMP alerts, stopping potential scammers in their tracks.
“We live and die by our fraud detection reports” said Jay Cox (News - Alert), director of telecommunications management at Appia Communications, in the TransNexus blog post. It reported that since implementing NexOSS, Appia has not had a single fraud event.
Edited by Rich Steeves