Caller ID Spoofing (aka CLI or ANI Spoofing) is a big problem and is threatening the survival of some telecom players. In 2021, spoofing was estimated to account for a loss of $2.63 billion for communication service providers (CSPs).
It destroys the credibility of the organization being impersonated. Fraudsters make calls that seem to be from a company with which the victim may be familiar. In some of the worst cases, the number looks like the toll-free number of a bank or other financial institution. For victims who happen to have that number stored in their phone, there will be absolutely no warning signs that the call is fraudulent.
Robocalling, which has plagued people in the USA and elsewhere over recent years, also uses CLI spoofing to mask the true origin of the call, which may be international. Fraudsters spoof the number to make it appear as a local or national number, which is less likely to be seen as suspicious.
An environment of distrust
The huge number of fraudulent calls is creating an environment of distrust among the general population, who are simply not answering calls. This is proving a significant setback for CSPs A recent report indicated a steady decline of 20% to 30% year-over-year in call pickup rates. These criminal calls are directly impacting revenue and margins from national and international voice and messaging services to the CSPs. When CSPs lose customers due to CLI-related frauds, those customers have lost not only their money but also trust in their service provider as well as in the organization being ‘spoofed.’
Although there are regulations, standards, and fines for non-compliance, the ammunition is clearly not effective enough to combat the increasing ingenuity of the fraudsters. There is also the question of critical mass. As telecommunications are international services, any standards-based approach relies on enough players in the ecosystem opting in to ensure a potent defense. The constant evolution and increasing sophistication of technology also give fraudsters new opportunities and new methodologies to target their victims.
The power of technology works both ways, however, and while traditional methods of identifying and stopping fraud are becoming less and less successful, the new wave of capabilities is giving the telco ecosystem much more robust layers of protection.
Building a strong defense
Prevention is, of course, the best option - stopping the calls from ever reaching their intended destination and cutting the fraudsters off from their source of income - and new technologies make this possible. By combining a traditional rule engine with new advanced artificial intelligence (AI) and machine learning (ML) capabilities, fraud losses can be effectively minimized - although it is, of course, impossible to guarantee 100% security due to the size, complexity, and geographical distribution of telecommunications service ecosystems.
For CLI spoofing, it is important to note that the analysis of call detail records is not an effective method of detection. The strongest defense is a signaling security system that employs real-time capabilities based on probabilities, investigation, and the comprehensive analysis of fraud signatures. This proactive approach leverages the network to help prevent fraud throughout the digital ecosystem.
Signaling security analyses real-time network traffic, looking at both traditional risks and those emerging as the world continues its digital transformation. By detecting threats throughout the signaling layers, from the IP layer upwards, attempted fraudulent activity can be thwarted before the actual connection is established.
The use of real-time signaling level analysis, paired with advanced machine learning techniques, provides new opportunities to drive a prevention-based approach. It supports both carriers and operators in addressing these types of fraud risks effectively and preventing them from continuing to impact revenues, margins, reputation and drive increased consumer and regulatory pressure.
Criminal activity in telco networks is a moving target. To significantly reduce the impact, there needs to be a structured, coordinated, cross-industry effort to adopt and employ the most advanced fraud detection and prevention systems. As more and more interconnections are made across the world, the greater the threat to the telcos, the wider ecosystem, businesses, organizations, and customers. The goal is to protect them all and use all the tools at our disposal to create the strongest possible defense.
