Account takeover fraud is sweeping the globe, and the telecommunications sector is one of the hardest-hit industries. Fraudsters are leaning heavily on telecoms for illegal gains, and both the companies and their customers are feeling the shock. But why is this industry such an attractive target, and what can telecoms bosses do to lessen the damage?
Identity theft has reached what experts call “epidemic levels,” largely due to the sharp increase in data breaches happening around the globe. The U.S. credit bureau Equifax suffered a breach of its network security system last September, which compromised the personal info of 143 million consumers around the world. And this came hot on the heels of 1,800 other security breaches that exposed 1.4 billion data records in 2016 alone. That same year, the UK telecommunications company TalkTalk was fined £400,000 for a cyber attack that allowed the personal details of 150,000 customers to be stolen by hackers.
While data breaches are scary in their own right, the real nightmare is what criminals do with customer information once they’ve stolen it. Fraudsters use this illegally obtained info to create new accounts online and, even more damaging, to hijack existing accounts. The latter lets criminals hide behind the names and account history of good customers and make fraudulent purchases with relative ease.
Why mobile telecoms are so vulnerable to ATO
Cifas reports that the identity fraud rate in the mobile telecoms sphere rose 60% in 2017. The reason the mobile telecoms industry has taken such a beating lies in the industry’s standard business model. Fraudsters are particularly attracted to the phone contract model used in Europe, where customers immediately receive a high-value device that they then pay off in monthly installments.
This system has lured in fraudsters, who’ve found that it’s relatively easy to use a victim’s stolen account details to access his or her account, collect the expensive phone, immediately sell off the device, and leave the victim with the bill and whatever other fallout occurs.
Contract extensions are another door that fraudsters have weaseled through as they continue to target the telecommunications industry. As a way to reduce customer friction, many mobile service providers have eliminated complex re-sign processes. Though this presents convenience and ease to legitimate customers, it also presents a lucrative opportunity for hungry criminals.
Fraudsters have realized that they can use stolen data to hijack existing accounts and change a victim’s account details to ensure that the brand new device that comes along with an automatic extension is delivered to an address that they can access. This type of fraud is popular, so much so that there’s even a pricing scale for mobile contract account details on the Dark Web; the closer an account is to a renewal date, the more sellers can demand for the account information, as a big payoff is right around the corner.
Unfortunately, telecom firms don’t just experience outside threats. RISK IDENT’s fraud experts have found that it’s becoming more and more common for account takeover fraud to actually happen from within, carried out by telecommunications employees. In such cases, firms’ employees use their administrative access to take over customer accounts, create a bogus contract renewal and collect the phone for themselves. In some cases, resellers and company partners also have the ability to create fake renewals in customer accounts, which is helping drive the high ATO rates in the telecom industry.
What telecoms firms can do to lessen identity theft threats
The only surefire way to stop the flood of fraudsters who’ve targeted the telecommunications industry is to close the gaps presented by the mobile phone contract model. This entails predicting where customers may be most vulnerable to fraud and keeping that in mind when constructing a telecom firm’s fraud prevention strategy.
Over the past five years, RISK IDENT has identified several account and transaction characteristics that can assist telecoms firms in detecting account takeover fraud. These include:
- Recent account changes: Nearly all confirmed cases of ATO fraud came with a password, address or e-mail address change within 10 days prior to the transaction.
- Expensive purchases: The average order value in account takeover cases is four times higher than other orders. For example, fraudulent orders often include a request for a much more expensive device than the victim’s previous phone.
- Customer age: Due to having significantly less technical expertise, older customers are much more likely to be victims of identity theft and account takeovers.
Paying attention to warning signs like these and incorporating systems that further predict account takeover vulnerability have the power to significantly reduce ATO fraud in the telecommunications industry. After all, the harder a company makes it for criminals to commit fraud, the less likely it will be targeted.
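The three warning signs listed above can be combined into an order-triage rule. The following Python is an added example, not RISK IDENT's code: the record fields, the age cut-off of 65, the per-customer baseline value and the triage outcomes are assumptions, and the sample orders are constructed.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta

CHANGE_WINDOW = timedelta(days=10)  # article: changes within 10 days before the transaction
VALUE_RATIO = 4.0                   # article: ATO orders average four times other orders
OLDER_AGE = 65                      # assumption: the article names no age cut-off

@dataclass
class Order:                        # hypothetical record layout
    order_id: str
    placed_on: date
    value: float
    baseline_value: float           # assumed: customer's usual order / previous device value
    customer_age: int
    changes: dict = field(default_factory=dict)  # "password"/"address"/"email" -> change date

def ato_signals(order):
    """Return the warning signs that apply; changes dated after the order are ignored."""
    signals = []
    recent = sorted(f for f, d in order.changes.items()
                    if timedelta(0) <= order.placed_on - d <= CHANGE_WINDOW)
    if recent:
        signals.append("recent_change:" + ",".join(recent))
    if order.baseline_value > 0 and order.value >= VALUE_RATIO * order.baseline_value:
        signals.append("high_value")
    if order.customer_age >= OLDER_AGE:
        signals.append("older_customer")
    return signals

def triage(order):
    signals = ato_signals(order)
    changed = any(s.startswith("recent_change") for s in signals)
    if changed and len(signals) >= 2:        # recent change plus a second warning sign
        return "hold_for_review", signals
    if changed or "high_value" in signals:   # age only adds weight, never triggers alone
        return "step_up_verification", signals
    return "allow", signals

D = date(2024, 3, 15)  # constructed sample orders below, not real data
SAMPLE_ORDERS = [
    Order("A1", D, 1200.0, 300.0, 71, {"address": date(2024, 3, 10), "password": date(2024, 3, 9)}),
    Order("A2", D, 350.0, 300.0, 34, {"email": date(2024, 3, 4)}),   # 11 days: outside window
    Order("A3", D, 1300.0, 300.0, 40),                               # expensive, no changes
    Order("A4", D, 200.0, 300.0, 80),                                # age alone
    Order("A5", D, 250.0, 300.0, 29, {"email": date(2024, 3, 5)}),   # exactly 10 days
]

if __name__ == "__main__":
    print({o.order_id: triage(o)[0] for o in SAMPLE_ORDERS})
```

In production the baseline and thresholds would be tuned against confirmed fraud cases rather than fixed constants.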
See the article published by telecompaper here.