Caller ID: Defeating Identity Theft Tactics

Caller ID

While fraudsters work hard on feeding the Darknet with data, RISK IDENT and Telekom use data intelligently to do away with telecom fraud


Banks and financial institutions are a well-known hot target for identity theft fraudsters, but now criminals have earmarked a new pray: telecommunication companies.

Telecoms is now considered one of the hardest hit industries, with Cifas reporting that the mobile telecommunications identity fraud rate nearly doubled in 2017.



Digitalization is one of the prime causes of the sharp fraud increase in the telecom world. Each customer can now manage their personal data digitally, including creating accounts, managing invoices and depositing payments.

While convenient, this model creates a ripe opportunity for fraudsters to easily gain access to both customer and dealer accounts (which store databases of customer data). Fraudsters are then able to use the stolen information to take over genuine accounts.

How we sell products is also an issue. Nowadays, most customers receive high-value devices upfront and pay monthly instalments on contract. It is true that it makes customers’ lives easier, but it’s also easier for a fraudster to use stolen account details to renew a contract, collect an expensive mobile phone, and immediately sell the device – leaving the victim with the bill.

While certainly damaging to individuals, these hacker attacks cause thousands in loss when they set their sights on businesses. A classic scenario involves a fraudster using stolen data to access a business account, changing the personal information and triggering a contract extension for multiple iPhone orders. If the hacked account belongs to a long-standing business customer with a good credit rating, it’s common for fraud managers to miss the attack, causing instant loss of hundreds of expensive phones.


Fishing for data

Telekom is a company that RISK IDENT provides fraud prevention software. According to the company’s Senior Fraud Specialist Holger Stange, fraudsters are increasingly fishing data, using botnets to scan personal computers.

“One cannot imagine how many people store all sorts of personal data on their computer while also using an open network. This is an easy way for fraudsters to access identities and accounts. For example, when login data for telephone providers are stored locally on the computer, it gives the fraudster full access to a personal account and thus access to the system of the respective provider,” he explained to RISK IDENT.


The rise of the Darknet

Another fraud trend that has taken center stage is the sale of stolen identities and accounts on the Darknet. Here, fraudsters work together to take down and take over targeted accounts by sharing criminal procedures and purchasing stolen data.

These illicit libraries of stolen data are fueled by large-scale data breaches, such as the September 2018 Facebook attack, which affected over 50 million people. Once user information is looted, it ends up on the Darknet, being available for fraudsters to trade and use to hack existing accounts.

“As a provider, you have to optimize and expand your own fraud processes, of course, with supportive fraud software,” Holger explains. “The big providers benefit from the size; smaller providers are often overwhelmed by the speed of fraud development. The big providers, such as Telekom, can respond much faster with a dedicated fraud team and scam software.”


Budding romance

Romance fraud is also on the rise in the telecoms industry. This identity fraud manipulates victims’ emotions with fake love interests, gaining affection before requesting large sums of money. Since fraud prevention software can detect fraud by comparing the delivery address to the customer address on file, telecommunication fraudsters use romance fraud to trick the system.

After striking an online romance with their target, a fraudster then:

  1. steals the victim’s account information or requests they share their details:
  2. uses the details to order an expensive mobile device:
  3. convinces the victim to accept the delivery and forward the phone to an alternative address

This type of fraud often goes unnoticed by fraud prevention systems because the delivery and customer addresses match. Not only that, but the victim readily hands over his or her legitimate ID to accept the delivery, unaware it has been fraudulently purchased in their name.


Telecom fraud prevention tips

To tackle this destructive behaviour, telecom fraud managers need to predict where customers are most vulnerable and close the gaps that arise from the contract model.

Ensuring fraud prevention software is programmed to immediately recognize atypical patterns that signify possible fraud. If a transaction is flagged, Telekom’s Holger recommends calling the customer so they can confirm the transaction – if the customer is repeatedly unreachable, it’s often further indication that the transaction is fraudulent.

Holger also recommends that fraud managers pay special attention to business accounts. If the master data experiences significant changes, check the commercial register to verify it. Businesses can also use historical data for shopping cart analysis and tracking user behaviour.

To stop romance fraud in its tracks, we have identified red flags, such as victims tending to be women aged 45 to 50, and fraudulent orders typically occurring via a device located in a different country than the account holder.

The use of fraud prevention strategies and prevention software can help telecommunication companies significantly reduce identity theft issues.

See the article published by The Paypers here.

Ellipse 40

Any Questions?

Felix Steinmann – Managing Director

Scroll to Top