Gabriele Lieser

CUSTOMER SUCCESS MANAGER

Summary

The business model of fraudsters requires them to find ways to attract the attention of potential victims and entice them to reveal sensitive information. In doing so, they gain access to user accounts of all kinds and do their mischief there. Identity fraud can already start with the subscription process when a contract is signed with a fake identity. SIM-swap fraud happens when fraudsters use their victims’ SIM cards to take over a legitimate subscriber account.
Operators can prevent identity fraud with the verification of data in terms of suspicious IP-addresses, number ranges, IMSIs and fraud numbers, as well as working on speeding up the process. Subscribers can contribute their share to securing their accounts with the help of PINs and authentication apps.

Mobile network operators are faced with a truly Herculean task having to meet three challenges at once: they must comply with national and international regulations, the loss of data and revenue must be reduced, and the brand image must be protected so as not to shake the relationship of trust between subscribers and their network operator.

RoamsysNext Insights

In RoamsysNext Insights our experts share their views on extensive industry topics and possible solutions we can offer.

Especially with identity fraud it often takes a long time until the intrusion is discovered. It starts already during the subscription process when criminals turn up at the point of sale with a fake identity and conclude a contract. Identity verification is usually performed manually by a salesperson with limited sources of information. It is difficult for the salesperson to tell whether ID documents and bank account data have been stolen or falsified. Thus, fraudsters can leave the store with high quality, heavily subsidized smartphones, resell them or use them for other mischief. Once a fake subscription is set up, the fraudster has access to a wide range of value-added services, including not only phone calls, television and the Internet, but also mobile financial services such as mobile banking and mobile payment. For operators, this means that there are more and more channels that need to be secured.

It’s all about verification

Another major problem is so-called SIM-swap fraud, where fraudsters use their victims’ SIM cards to gain access to a legitimate subscriber. A SIM-swap takes place when the criminal contacts the mobile phone provider and can convince the call center employee that he needs a new SIM card. This creates a new card, but the legitimate owner is unaware of this. Once the affected phone number is assigned to a new card, all incoming calls and text messages are forwarded to the phone that contains the new SIM card. This SIM card can then be used to authorise transactions with the real subscriber’s bank, make online purchases, or engage criminal activities such as money laundering.

There have been a number of high-profile hacks where SIM-swapping was used, including some on the social media sites Instagram and Twitter. In 2018, then 15-year-old Ellis Pinsky from Irvington, New York, and 20 accomplices accessed the crypto-currency accounts of investor Michael Terpin, founder and CEO of Transform Group, using SIM-swaps: approx. $24 million were stolen.

“Hit and run” – no more!

Fraud and robberies happen every day, and not only public figures suffer. The common man provides a large attack surface and pays a bitter price for fraud. Nevertheless, there are ways to avoid such attacks. Individuals should set up a PIN code for their mobile operator account. Unfortunately, this does not protect against attacks that are carried out with the help of insiders. Another option is to use common authenticator apps such as Google Authenticator or LastPass Authenticator so that the person has all codes in one central location and has them available at any time, even when the phone is offline.

Prevention is better than cure

In order to prevent the above attacks, it is essential for operators to analyze which source numbers are associated with which countries, networks, hubs and businesses to gain and maintain control of their threat landscape. As always, the time factor and reliable data is crucial. Analysts and investigators are doing their best to prevent attacks and stay vigilant of the threat landscape. With the help of signaling firewall solutions they are already able to provide proactive protection, but still, the limited visibility of global fraud trends takes its toll.

Call them lazy or smart, fraudsters transmit successfully launched attacks to similar organizations on a different campaign. For this reason, verifying numbers has never been more important, and the screening of incoming communication for their trustworthy origin is a safe way to prevent fraud. The good news is, someday, there will be a platform to tell in a very automated and a very curated way the details of suspicious IP-addresses, number ranges, IMSIs and fraud numbers.

Let’s work together, not against each other

In order to meet three challenges at once: complying with national and international regulations, reduction of loss of data and revenue, and the protection of the brand image, it is inevitable for MNOs to ensure that their mobile services are secure and reliable. We stick to our goals and provide our customers and their subscribers with seamless accessibility, great quality perception and a unique customer experience.

However, the essential part of security technologies is also to find a good balance between security and usability. With the help of the latest technologies and together with the GSMA, we are working on more efficient solutions. Consequently, we are more and more keeping an eye on upgrading security aspects. Stay tuned for more advanced developments from the house of RoamsysNext.

Gabriele Lieser joined RoamsysNext in 2020 as Customer Success Manager to strengthen the bonds with our increasing number of customers and to support the marketing team. Gabriele has a strong background in corporate sales. She studied at the Universities of Trier (Germany) and Manitoba (Canada) and is incorporated in the RoamsysNext Client Service team.

  • RMX_Insights_Template21

How to Choose a Signaling Firewall Wisely

In times of global turbulences and increasing fraud attacks the decision for a sophisticated signaling firewall becomes more and more a priority. Some general considerations help to narrow down the choice.

Two-Factor Authentication rules!

For some time now, we have introduced 2FA and have contributed our share to provide more secure access to our tools. Norbert Becker, Head of Software Development, picks up the thread and provides engaging insights into his area of responsibility.

  • RoamsysNext Insights - Wholesale Roaming Manager

Introducing: The RoamsysNext Wholesale Roaming Manager

The RoamsysNext Wholesale Roaming Manager provides powerful collaboration and reporting tools for all roaming partner relationships by converging everything from service openings to the user’s roaming footprint, test SIM cards and tariffs, document and contact management.

We’re in this together

In the second part of our interview with Alexandre De Oliveira, POST Luxembourg Cyberforce, he highlights major pain points in fraud detection and stresses the importance of global information sharing via the GSMA T-ISAC initiative.

Mastering today’s Fraud Landscape

Learn how Alexandre De Oliveira’s team at POST Luxembourg Cyberforce is mastering today’s fraud landscape with penetration tests, security assessments, the Telecom Intrusion Detection System (TIDS) and the Telecom Security Scanner (TSS).

How to avoid configuration errors

Hardening the network is a good way to get configuration errors under control. Introducing smart firewall rules and consistently updating these rules can be very time-consuming, but it’s a crucial measure to be taken.

  • RoamsysNext Insights 9: Interview with Hendrik Hoehndorf

Making a Stand against Fraud

In an insightful interview, our CTO, Hendrik Hoehndorf, speaks about further GSMA initiatives on fraud detection and prevention such as the MISP (Malware Information Sharing Platform) and T-ISAC (Telecommunication Information Sharing and Analysis Centre).

  • RoamsysNext Insights

Let’s talk about data quality

Most fraud and security issues are caused by misconfigured network nodes. This article shows, how RoamsysNext treats this problem on their quest for data quality.