VoIP and SIP Fraud | Fraud Management

VoIP & SIP Fraud

Proactively detect and prevent fraud - at the signaling layer

SIP/VoIP Network is open for fraudulent attacks

With the emergence of multimedia applications and digital audio/video transport over IP-based networks, Session Initiation Protocol (SIP) is becoming the de facto signaling protocol standard for telecom LTE/VoLTE services. SIP is the session control protocol that can establish, modify, and terminate multimedia sessions such as Internet telephone calls (VoIP), multimedia distribution, and multimedia conferences.

However, without a rigorous method to choose the most suitable security mechanisms and their parameters, SIP remains vulnerable to several attacks. In contrast to traditional telephone networks, SIP/VoIP works at the application layer in IP networks, thus facing not only IP-network security issues but also new fraud issues related to the SIP protocol itself.

Breakthrough fraudster’s business model using artificial intelligence

Fraud is widespread amongst telecom services, with fraudsters continuously developing new ways to perpetuate it. Mobileum's solution utilizes the strength of artificial intelligence (AI) and machine learning (ML), combined with pre-packaged rule sets, to help CSPs stay a step ahead of frauds and reduce losses.

The machine learning component is continuously evolving as it learns from the information captured in the system. With each transaction it processes, it continually learns the practices of habitual fraudsters and adds this new data to the repository of historical information. It’s a win for CSPs and a compelling example of how they can leverage the solution to squash the fraudster’s business model.

See how Mobileum can help protect & grow your business

Over 750 Telecom companies, in more than 150 countries, are scaling their business with Mobileum solutions.

Network probes for mobile network fraud prevention

Telecom operators have been monitoring network connections in real-time for years to achieve various goals, such as gaining greater insight into service quality, performing analyses, and detecting fraud.

Mobileum offers a range of network probes, including in-line probes that work with SS7, Diameter and the SIP network without impacting network behavior. Mobileum probes analyze all network data based on adaptive rules and advanced analytics to extract data of specific interest. These probes can be programmed to perform specific actions based on rules set by the RAID VoIP/SIP fraud module, such as copying filtered traffic to RAID for real-time fraud detection and triggering intelligent responses.

Tackle multi-protocol fraud attacks

Signaling networks are using various protocols such as SS7 or SIP, which are susceptible to a variety of fraudulent attacks. As a result, fraudsters exploit loopholes to breach subscriber privacy, deny access to key services, and directly defraud mobile operators.

Mobileum’s RAID fraud management solution combined with a voice firewall can help operators detect and prevent fraud occurring on various signaling protocols as well as blocking fraud attacks in real-time.

Protect against a major type of VoIP fraud – False Answer Supervision

False Answer Supervision (FAS) is a type of VoIP fraud that occurs when A-party is incorrectly billed because billing duration is greater than the length of the actual phone conversation. FAS is usually performed by VoIP wholesalers in a Softswitch using randomly selected calls. Adding a small amount of additionally billed seconds to a large number of calls can mean significant revenue for the VoIP wholesaler.

Combating FAS can be significantly complicated due to the many carriers reselling routes from other suppliers, making it difficult to trace the fraud to its source. The RAID for VoIP/SIP fraud module includes pre-built mechanisms of FAS detection, which can be further complemented with the Active Testing test call generator (TCG) solution to detect FAS and Call Stretching over signaling layers. This can help CSPs to eliminate FAS and maintain a high level of call quality with customer satisfaction.

Fraud & Security Case Study

How an integrated approach to fraud and security enhanced fraud protection in a Tier-1 Communication Service Provider.

Meet Your Next-Generation Fraud Management System

Rule-Based Approach
An extensive rules library provides immediate fraud awareness and increased accuracy
  • Optimize rules according to your needs
  • Greater accuracy and lower error rate
  • Immediate results
AI/Machine Learning
AI and Machine learning algorithms leverage data analysis processes to detect deviations and unknown fraud patterns
  • Rapid prediction and processing analysis
  • Past customer behaviors evaluation
  • Unlimited traffic analysis
Our voice, data and SMS firewalls are fully integrated with our anti-fraud system
  • Real-time blocking
  • Fraud & Security contextual analysis
  • Wide range of fraud type protection

Enhanced security to reduce fraud

The Mobileum Active Intelligence™ platform addresses both fraud and security leveraging highly advanced fraud detection models along with proven in-depth security firewalls to deliver and monitor VoIP services securely.

The platform intelligently combines SIP security, threat intelligence, and fraud detection. This combined intelligence provides operators with real-time context-driven visibility into unauthorized activities and the ability to mitigate threats such as Denial of Service (DoS), Botnet attacks, Traffic pumping, CLI spoofing & Robocalls throughout their VoIP network.

Actionable Intelligence through contextual fraud with signaling security analysis

  • Extensive correlation of fraud enablers and methods
  • Pre-built fraud controls using adaptive rules and ML algorithms
  • Enhanced contextual analysis, for fewer false positives
  • Real-time fraud blocking on voice, SMS, and Data traffic
  • Faster, sharper and smarter fraud detection and prevention

Mobileum Risk Management Software Portfolio

Discover why Mobileum is the most trusted software vendor by Telecom companies all over the globe to manage their Revenue Assurance activities.

Top 6 SIP/VoIP fraud attacks: Why Operators need Fraud solution with real-time prevention

Denial of Services (DoS)
Attackers usually spoof their addresses and compromise other nodes (e.g., by Trojans), so that they can use them as zombies or botnets, and then remotely orchestrate Denial of Service attacks (DDoS, TDoS) to reduce bandwidth, making the network unavailable for service.
CLI Spoofing and Robocalling
Attackers can spoof caller-ID to hide their identity or impersonate a trusted organization. Caller ID spoofing enables fraudsters to call victims, request some personal information, such as an account number or one-time password, with the intent to commit a malicious or a criminal act. They sometimes use cheaply available automated bots/machines to generate traffic.
FAS and Call Stretching
The fraudulent carrier will route the call to a recorded message that plays a ringing tone and then a recording. The intention is to keep the calling customer on the line, paying for as long as possible. Sometimes the call is further stretched wherein the call is not terminated when the call recipient hangs up but waits for the caller to disconnect. During the period between the recipient disconnecting and the caller disconnecting, the caller is further billed.
Call Hijacking
Voice over IP traffic is sent on the IP network without any encryption. Session sniffing is thus possible, especially on wireless networks, where it is easier to trap the data (compared to the traditional telephone network).
SIP Registration Attack
Attackers can issue malicious INVITE messages to redirect all conversation messages to victim nodes, and thus carry out a ‘man-in-the-middle’ or a DoS attack.
IP-PBX Hacking & IRSF
Attackers can hack an IP PBX using hacking software, such as Nmap or SipVicious, to gain access and then begin traffic pumping or calling to hot destination and PRS numbers from the targeted IP-PBX.

Transform your fraud detection from Manpower to Managed Services

Having the right system in place is just one piece of the fraud detection puzzle—CSPs also need staff to operate these systems. The average fraud team is made up of four to five people, leaving fraud departments stretched and vulnerable to attacks, especially during evenings and weekends. Fraud departments need more resources—or, more specifically, managed services.

According to TM Forum, managed services are becoming more popular in the fraud management space, with 60 percent of CSPs already having part of the process provided by a third-party. Over 70 percent of CSPs use managed services for detection and prevention, while 50 percent use managed services for prevention. Mobileum offers a highly matured Managed Services team comprising of data scientists and business analysts that can continuously monitor, update, and fine-tune the solution ensuring detection and real-time prevention are always up to date.

Bring your own ML Models (BYOM)

The evolution of sophisticated fraudulent techniques has increased the challenges of mitigating risk issues. CSPs are now actively employing data scientists, new tools, and advanced analytical models to quickly adapt to new methods to provide proactive risk coverage. These data scientists do not want to be solely dependent on vendors’ ML models and rather want to explore new ML models designed and developed in their own ecosystem.

Mobileum embraces this requirement and has now built a new openML engine based on microservice architecture, offering pluggable ML models with extensive support to all ML frameworks. This will enable the CSPs data scientists to plug and play their own developed machine learning models based on any external library or ML frameworks. Thus, offering Telecom organizations to be future proof, as they continue to develop new models to tackle unknown risk challenges using different tools and ML approaches.

RAID for Fraud Management is Powered by Mobileum's Active Intelligence Big Data Analytics Platform

Case Management
Drill down on data and alerts with ad-hoc analysis to find the root cause of fraud and make better decisions faster.
Fully configurable
Use easy-to-apply configurations, workflows, and dashboards to enable simple and transparent mirroring of your required business processes. Automations and migrations let you execute this in days instead of months
Machine Learning
React to and stop known and unknown fraud patterns in a repeatable and auditable way by combining an extensive rules library with machine learning.
All-In-One Software
Manage the telecom fraud management lifecycle autonomously, from data loading to mitigation actions, with Active Intelligence's complete suite of tools for fraud analysts.
Link Analysis
Quickly uncover fraudulent activities by highlighting key individuals, connections and patterns in a uniquely visual way. Gain a deeper understanding of data within a different entity and relationship types, as well as attributes that can help uncover hidden fraud patterns.
Big Data Analytics
Adopt stream data integration as part of your data management strategies for real-time integration and analytics. Address the problem of matching continuously income events to evolving fraud patterns with Active Intelligence's complex event processing (CEP). Accelerate fraud detection and react faster to emerging threats with real-time data stream analysis.

Future-Proof Your Fraud Management Strategy With AI & Automated Blocking

CLI Spoofing and Robocalling Fraud
Fraudsters can generate false calling party information and pass it onto the PSTN via SS7 using IP technology. Mobileum Robocalling fraud solution, combined with a voice firewall, can sort good traffic from bad, block unwanted calls, and keep a voice network safe and secure from attack.
IRSF Fraud
International Revenue Sharing Fraud (IRSF) continues as the most persistent type of fraud within the telecom industry. Mobileum’s pre-packaged Revenue Share Fraud Management solution, combined with a real-time action system, can help operators mitigate losses occurring due to revenue share fraud.
Bypass Fraud
Fraudsters highjack voice international termination calls over an IP network and send them to a SIM box (a device that houses SIM cards), which redirects this illegal VoIP traffic onto mobile networks. Mobileum’s pre-packaged Bypass fraud management solution, combined with a real-time action system, can help operators mitigate losses occurring due to bypass fraud.

One platform that cuts the data silos between all telecom applications for limitless insights

Digital business depends on a flexible application portfolio that enables delightful digital experiences, that supports new ways of doing business, and that makes the most of new technologies.