A new survey by the Communications Fraud Control Association (CFCA) delivers both good and bad news in terms of network operators’ efforts to control communications fraud.
Communications fraud happens whenever a person or group uses communications services with no intention of payment. In order not to encourage even more fraud, operators like Vodafone and AT&T are understandably reticent when it comes to revealing how their own fraud prevention mechanisms and procedures stack up against competitors. However, these operators are more forthcoming in anonymously responding to the annual survey by the CFCA, which represents operators, security and risk management vendors, and law enforcement authorities.
The good news: total revenue lost to communications fraud last year was $28.3 billion, less than half of losses suffered at “peak fraud” in the late 2000s. The bad news: the rate of decline has slowed significantly, an indication that remaining fraud is extremely hard to root out.
Making matters worse, the relative flattening out of fraud losses is happening at a time when overall telecoms revenue continues to decline rapidly. As a result, fraud accounted for 1.74 per cent of total operator revenues, compared to just 1.27 per cent of total revenue in 2017.
And what this year’s results reveal, in part, is a sense of resignation on the part of operator security teams. For example:
- “Lack of perceived interest or understanding by law enforcement” continues to be the leading reason for not reporting cases to law enforcement, with 41 per cent of respondents saying they have no faith in the judicial system to administer the right punishment to deter others;
- 43 per cent of respondents indicated their company reports fewer than ten cases to law enforcement annually;
- 10 per cent of respondents reported they have stopped reporting potential violations of law to the proper authorities; as a result, 7 per cent fewer cases were reported to law enforcement last year than in 2017.
As operators increasingly conclude they must look inward in order to address communications fraud, a growing number of them are getting more sophisticated in adopting rules and tools to help identify fraud and mitigate the damage from attacks. Rules-based fraud management systems continue to be the dominant approach by far. They are used by 70 per cent of respondents to the CFCA survey. However, there are signs of progress, as 6 per cent of respondents indicated they have begun implementing machine learning and artificial intelligence as crucial components of their fraud management systems.
Unfortunately, that still represents a small portion of respondents, especially when compared to the 15 per cent who indicated their fraud management systems were entirely manual. Depending on whether you’re an optimist or a pessimist, that finding represents a major opportunity to continue to cut down on telecoms fraud – or a clear signal that fraudsters will have lots of addressable opportunities for the foreseeable future.