Telecommunications Fraud Organized approaches to fight it



Similar documents
Communications Fraud Control Association Global Fraud Loss Survey

WHAT THE FRAUD? A Look at Telecommunications Fraud and Its Impacts

Anti Fraud Services. Associate Member of..

Fighting Future Fraud A Strategy for Using Big Data, Machine Learning, and Data Lakes to Fight Mobile Communications Fraud

PBX Fraud Information

VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======

Fraud Overview. Agenda. TAF Regional Seminar on Costs and Tariffs, January 2008, Djibouti. Peter Hoath

International Dialing and Roaming: Preventing Fraud and Revenue Leakage

IDENTITY THEFT VICTIMS: IMMEDIATE STEPS

Integrity We are above reproach in everything we do.

U.S. Postal Inspection Service. Ensuring Confidence in the U.S. Mail

TOLL FRAUD POLICIES AND PREVENTION

TELECOM FRAUD CALL SCENARIOS

Oakland Family Services - Was Your Hacked?

PBX Fraud Educational Information for PBX Customers

CCT Telecomm offers the following tips to ensure your protection from phone fraud at your home or business:

Fraud Policy FEBRUARY 2014

Prepared testimony of W. Joseph Majka Head of Fraud Control and Investigations Visa Inc.

azag.gov PROTECT YOURSELF AGAINST IDENTITY THEFT Office of Arizona Attorney General TERRY GODDARD For more information, contact:

M2M Summit Fraud An underestimated risk for M2M solutions?

Emergency Telecommunicator Training and Certification

FIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL

SCAM JAM ID Theft. Presented by: Lori Farris Office of the Attorney General Office of Consumer Protection


The potential legal consequences of a personal data breach

FTC Facts. For Consumers Federal Trade Commission. Maybe you never opened that account, but. Identity Crisis... What to Do If Your Identity is Stolen

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation

PAYMENT SECURITY. Best Practices

The Attorney General s Office established the Identity Theft Unit in response to increased identity theft incidents reported by Indiana citizens and

INTRODUCTION. Identity Theft Crime Victim Assistance Kit

Identity Theft: Your Good Name Gone Bad!

PROGRAM TO PREVENT, DETECT & MITIGATE IDENTITY THEFT

What Makes Good Fraud Management Software? 9 Questions for Tal Eisner of cvidya

How To Protect Your Credit Card Information From Being Stolen

Information Security Awareness Training

White Paper Voice Fraud Monitoring

Preventing Telephone Fraud

2006 National Community Policing Conference Identity Theft: Investigation and Prevention Tools July 27, 2006 Joanna Crane, FTC IDT Program

Identity Protection Services

ANTI-FRAUD POLICY Adopted August 13, 2015

WRITTEN TESTIMONY BEFORE THE HEARING ON PROTECTING PERSONAL CONSUMER INFORMATION FROM CYBER ATTACKS AND DATA BREACHES MARCH 26, :30 PM

Identifying Security. Payment System. Federal Reserve Bank. Ellen Richey Chief Enterprise Risk Officer Visa Inc. Visa Public

Instructions for Completing

GENERAL TARIFF CRTC 21461

WRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET

ID Theft P E R S O N A L A N D O R G A N I Z AT I O N A L P R E V E N T I O N A N D D E T E C T I O N

The Future of Data Breach Risk Management Response and Recovery. The Cybersecurity Forum April 14, 2016

How To Handle A Fraud At Psc

The Home Depot Provides Update on Breach Investigation

<March XX, 2015> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRST NAME> <LAST NAME>:

Protecting the POS Answers to Your Frequently Asked Questions

OHIO S IDENTITY THEFT VICTIM ASSISTANCE KIT A guide for victims of identity theft, detailing what to do and who to contact.

Chapter 6 Appendix A

FNB Tanzania Cellphone Banking for Individuals Terms and Conditions

DATA BREACH COVERAGE

Identity Theft Victim s Packet

STRONGER ONLINE SECURITY

NetSafe Smartphone Security Report 2014

Overview of WAN Connections Module 1

How To File the FCC Form 499-A

Fraud Associate Course Description

Access Mediation: Preserving Network Security and Integrity

365 Phone, Online and Mobile Banking Terms and Conditions - Republic of Ireland Effective from 25 th November 2013

I know what is identity theft but how do I know if mine has been stolen?

WHISTLE-BLOWER POLICY

GLOBAL PORTS INVESTMENTS PLC

Identity Theft Repair Kit

Instructions for Completing the ID Theft Affidavit

Masters Seminar Privacy, security and fraud detection solutions for communication services

Technical Questions on Data Retention

A California Business Privacy Handbook

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF ARIZONA

Network Security & Privacy Landscape

SECURITY BREACH INCIDENT RESPONSE AND CONSUMER NOTIFICATION PLAN TABLE OF CONTENTS PROGRAM OVERVIEW... DEFINITIONS... REPORTING A SECURITY BREACH...

How to Get Rid of Identity Theft

About the Federal Reserve

Identity Theft Victim Checklist

Identity Theft Assistance: Information for Recovering Your Good Name

DVD Companion Learning Guide

RED FLAGS RULE. Identifying, Detecting, & Mitigating Possible Identity Theft

AIS Webinar. Payment Application Security. Hap Huynh Business Leader Visa Inc. 1 April 2009

MCOLES Information and Tracking Network. Security Policy. Version 2.0

GAO. TAXES AND IDENTITY THEFT Status of IRS Initiatives to Help Victimized Taxpayers

Deputy Mike Butler Deputy Leslie Fox Dane County Sheriff s Office

Identity Theft Prevention Presented by: Matt Malone Assero Security

Protect Your Personal Information. Tips and tools to help safeguard you against identity theft

IDENTITY THEFT VICTIM KIT

Protect Your Personal Information. Tips and tools to help safeguard you against identity theft

Classification, Detection and Prosecution of Fraud on Mobile Networks

Sharon Kurek, CPA, CFE Director of Internal Audit

Terms and Conditions For Mobile Phone Service. Pre-Paid Type. Between The Service Provider And Subscribers

PRIVACY BREACH MANAGEMENT POLICY

Protecting Yourself from Identity Theft

Using Real Time Interactive Notifications to Effectively Fight Fraud, Accelerate Resolution and Increase Customer Loyalty

Reclaiming your identity

PCI and EMV Compliance Checkup

RESOLUTION TO ADOPT IDENTITY THEFT POLICY

Wisconsin Rural Water Association Identity Theft Prevention Program Compliance Model

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

PIN Pad Security Best Practices v2. PIN Pad Security Best Practices

Transcription:

Telecommunications Fraud Organized approaches to fight it Presentation for FIRST Technical Colloquium February 7. 2000 By Security Supervisor Keld Frimann Nielsen Tele Denmark Agenda Telecommunications approach to security Fraud types and examples on fraud Amount and trends on fraud, worldwide Methods and tools to combat fraud International cooperation Presentation on CFCA (Communication Fraud Control Association) Tele Denmark activities on fraud prevention and detection Questions? 1

Telecommunications approach to security Security Statements (1.) Security is a competitive parameter in the liberalized telecommunication world. Security protects the customers against incorrect bills and misuse from third parties. Security protects the company against accidental or by conscious caused looses or misuse of the telecommunication network. 2

Security Statements (2.) Security protects the employees against unjustified accuse on participation in criminal activities. Security is a part of the company image and a trade mark on all telecommunication products. Security is a demand from the community. What are we to protect us against? (1.) Customer complains on product quality. Impenetrable or incorrect billing. Unauthorized physical access to the customers telephone line. (clip-on fraud) Unauthorized logical access to the customers telecommunication network and services. Unauthorized physical access to exchanges, infrastructure and buildings. 3

What are we to protect us against? (2.) Unauthorized logical access to network, exchanges and control systems. Unauthorized access to the administrative EDP systems and databases. Who are we to protect us against? (1.) Criminals who wants to make phone calls free of charge. Organized criminals who bases there business on resell of stolen telecommunication products. Criminals who wants to disturb or destroy the telecommunication infrastructure. 4

Who are we to protect us against? (2.) International operating criminals who wants to cover there activities by looping into the global telecommunication network. Persons with legal access to network,edp systems or buildings but -consciously or unconsciously becomes a victim to criminal elements. -permit some act of revenge against the company -have been mentally ill or unbalanced. Fraud types and examples on fraud 5

Physical access, (Clip on) The access network Home Exchange Clip on: Illegal parallel connection on the subscriber line and make someone else pay for the calls Customers Private Equipment Fraud Calling party Global telenetwork Private PABX Called party CPE Fraud: Stressing and/or misuse of a customers PABX to get new dialing tone and make free calls 6

Classic Fraud types Subscription Fraud: Misuse of the operators credit on payment of the bill Mobile Fraud: Cloning of analog mobile phones -Theft of SIM cards and handsets -Roaming Fraud, (misuse of the lack in timing for exchange of billing information) Carding Fraud: Misuse of stolen, hacked or shoulder-surfed card numbers and private PINS Boxing Fraud: Illegal stressing of national or international channel associated signaling systems Fraud types Payphone Fraud: Physical or logical manipulation on payphones to get free calls Example: Eternity cards 7

Telephone card modified with eternity chip. The chip is covered with tape Fraud types Social engineering:structured misuse of naive peoples to get confidential information or to sell fictive items (winnings, pyramid games etc.) Premium rate service Fraud: Misuse of others phones to generate calls to 900 services or specific countries to obtain profit from the service provider 8

Amount and trends on Fraud worldwide Estimated Fraud losses Annual Fraud losses U.S. 1997-1998 Mobile Fraud $ 650 Million All telecommunications $ 9 Billion (United States Secret Service) Annual Fraud losses Europe 1998 Euro 1 Billion (FIINA conference) Personal estimate Europe: Euro 2-3 Billion Worldwide all telecommunications 1999 $ 20 Billion (Nordtel, CFCA and others) 9

Trends on Fraud Fraud is increasing Internet provides numerous recipes on how Fraud is becoming more and more sophisticated Fraud does not respect boarders and involves often more operators network The increase in integrated services invites criminals to look for security holes Interconnect points for different networks are obvious points for attacks Methods and tools to combat Fraud 10

How do we combat Fraud? Security policy for all units within the company Continuously education of security staff Awareness campaign for all employees Security inspection on new products Registration of all abnormal incidents Listen to customers complains Cooperation with the authorities (police etc.) Cooperation with other operators Supervision of the network Fraud Management Systems Tools (Fraud Management Systems) Real time supervision based on Common channel signaling system no 7. (all calls) Creation of traffic patterns Setting up thresholds for alerts Automatic alert on suspected traffic, behavior or other abnormal changes Integration of information from different systems, (customer database, billing database, traffic database) Manual investigation on alerts 11

International cooperation International associations handling telecommunications Fraud ETNO: European Telecommunications Network Operators (Standardization) FIINA: Forum for International Irregular Network Access ( Operational, incidents, methods) CFCA: Communications Fraud Control Association (Educational exchange of experiences, Fraud alerts) Nordtel, NS/T: Nordic security group, (exchange of experiences and incidents) 12

Presentation on CFCA (Communications Fraud Control Association) CFCA - Goal Founded in 1985, CFCA is a not-for-profit international educational association working to help combat telecommunications fraud. CFCA seeks to promote a close association among telecom security personnel, to enhance their professional status and efficiency, and to serve as a clearinghouse of information pertaining to the fraudulent use of telecommunications services. 13

Membership Interexchange Carriers (IXC), Local Exchange Carriers (LEC), CLECs and ILECS, Private Network Companies, Law Enforcement, Officers & Agents, CPE-PBX users, E-mail providers, Security Product Vendors, Corporations that use telecommunication services (i.e. banks, universities, department stores, etc.) Number of members app. 240 CFCA - Objectives Educational conferences Education CCSP (Certified Communications Security Professional) Weekly Fraud Alert Expert forum (Questions from members) Communicator (Quarterly journal on Fraud issues) Fraud handbook Awareness brochures on Fraud Membership directory 14

CFCA - planned program 2000 2000 International Spring Conference Fraud in the 21st Century 2-5 May Edinburgh Scotland Fifteenth Annual Meeting and Conference and Seventh Annual Exhibition 20-23 June Washington DC USA 2000 Fall Conference 4-6 October Phoenix Arizona USA WWW.CFCA.org FRAUD@CFCA.org Tele Denmark activities on Fraud prevention and detection 15

Organizational and Collaboration Structure President & CEO Henning Dyremose Responsible for overall Security Net & Installation Ruth Pierson Finance, CFO Hans Munk Nielsen Operational Security Units Professional reference Domestic Security Group Domestic Security Jørgen Bo Madsen PM-Security Ernst Bjerregaard Customer Security Poul Q. Christensen Internet Security Per B. Hansen Cable-TV Security Finn Søndergaard Network Security Poul Erik Jensen IT-Security Per Verdelin Physical Security Jørgen Kjær Jensen Auditing Michael Øxenbjerg Legal Affairs Flemming Nørholm Corporate Comm. Per C. Andersen Primary Focus: External/Customer Primary Focus: Internal/legislated Ad hoc Group Approaches Corporate security policy Dedicated security policies for all units Security inspection program for new functions Security program for the access network Security program for access to buildings Security program for the IT network Supervision program for traffic etc. Investigation on suspicion Cooperation nationally and internationally Cooperation with the police Plan to implement a Fraud Management System this year 16

Questions? 17

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information