• Home
  • Hosted Voice
  • Fraud

Recommended Fraud Mitigation Best Practices

Written by Marissa Orsini

Updated at April 26th, 2023

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • The Essentials
    FAQs Forms
  • Announcements
    Carrier Events mFax Events Platform Events Release Notes
  • Billing Administration
    Datagate OneBill
  • Faxing
    mFax - Analog mFax - Digital Native Fax
  • Hardware & Software
    Manual Configuration Provisioning NDP Axis Cisco Fanvil Grandstream Polycom Snom Yealink Mobile Applications Desktop Applications Mobile-X SNAPbuilder TeamMate Connector UC Integrator
  • Hosted Voice
    Auto Attendants Branding Call Queues Call Routing CDRs Conferencing E-911 Features Fraud Integrations Inventory / Phone Numbers Local & Toll Free Porting Onboarding Recommendations SNAP.HD SIP Trunking SMS / MMS Users Voicemail Caller ID
  • Troubleshooting
    VoIPmonitor Firewalls PBX
  • Ray's Stuff
+ More

Table of Contents

Customer Obligations/Disclaimer Types of Fraudulent Traffic To Be Concerned About Unlawful Robocalls (Within North America) Domestic Toll Fraud/Traffic Pumping

Scope

Intended Audience: All End Users

This document is intended to help customers to reduce their fraud attack surface and help them take measures to protect themselves, including their connections to the PBX, This document is not all-inclusive and can’t guarantee that the recommended best practices will stop all fraud. The intent is to provide a framework our customers can use toward the prevention and mitigation of fraudulent events and to lessen the risk associated with all types of telecommunications fraud.

 

 

Customer Obligations/Disclaimer

We provide these Recommended Fraud Mitigation Best Practices (“Fraud Best Practices”) to help its customers reduce fraud by taking measures to protect themselves and the networks connected to the PBX. Neither these Fraud Best Practices nor anything included in these Fraud Best Practices alters any customer's contractual obligation to manage its network and its end users. 

Types of Fraudulent Traffic To Be Concerned About

The term “Fraud” typically relates to the practice of illegally extorting money, personal information, financial information, security credentials, etc. The term “fraudulent traffic” also describes a wide range of devious telecommunications behaviors that are used to impersonate and mask identities with the intent to steal or harm.

We consider the following types of voice calling and text messaging as fraudulent traffic:

  • Traffic deemed invalid (per FCC rules)
  • Traffic sent with the intent to steal or harm
  • Traffic sent with the intent to harm through impersonating or masquerading identities

We reserve the right to protect itself and its networks by stopping fraudulent traffic from traversing its networks. Customers who send traffic that the telecommunications industry, government authorities, and service providers consider fraudulent, are at risk of having their traffic blocked - either by us or any downstream service provider.

The following specific types of illegal activities also violate Acceptable-Use Policies (AUP).

  • Unlawful Robocalls (North America)
  • Domestic Toll Fraud/Traffic Pumping
  • International Toll Fraud/IRSF
  • Toll-Free Traffic Pumping (North America)
  • Phishing Scams (IRS, SSA, Vacations, Student Loans, etc.)
  • Text messaging SPAM

Unlawful Robocalls (Within North America)

In November 2017, the Federal Communication Commission (FCC) issued a report and order that described a number of specific types of robocalls considered to be unlawful. Further, in May 2019, the FCC released a declaratory ruling that gives service providers leeway to block unlawful robocalls at the network level by default, with the intent of preventing unlawful calls from reaching the general population in the first instance. The types of robocalls the FCC has specifically determined to be unlawful are calls made with:

  • Invalid ANI/FROM telephone numbers (TNs)
  • Unallocated ANI/FROM TNs
  • Blank or alpha-numeric characters in ANI/FROM TNs
  • Telephone numbers on the Do Not Originate (DNO) List(s)

Here are the best practices that customers can follow to prevent the flow of unlawful robocalls from their network toward the PBX:

  • Make sure all of your voice calling traffic contains good/valid telephone numbers in the ANI/FROM fields. See the definitions of the various types of ANI/FROM fields below. Ensure that all of your calls toward the PBX meet the following “VALID” criteria.
    • VALID: A valid NPA-NXX-XXXX in the NANP
    • UNALLOCATED: A valid NPA NXX XXXX in the NANP, but NOT assigned either to a carrieror in the LERG
    • INVALID NUMBER: A complete telephone number (TN) that is NOT VALID, but of the correct format [2-9][0-9][0-9] [2-9][0-9][0-9] [0-9][0-9][0-9][0-9] (i.e. 10 digits in length, 1st and 4th are [2-9] all others are [0-9])
    • INVALID DIGITS: The calling party number is numeric, but doesn’t fit into a category defined above (all 1's, partial entry <10 digits, etc.)
    • 8YY: The calling party number is an 8YY number
    • 911: The calling party number is 911
    • 411: The calling party number is 411
    • N11: The calling party number is any of N11 number besides 911 or 411
    • 555: The NXX is 555
    • ALPHA: The calling party number has 'alpha' characters that are random or the word ANONYMOUS in it
    • EMPTY: There’s no calling party number present
  • Make sure that calls from your network or from your customer’s never have ANI/FROM phone numbers that fall into the UNALLOCATED, INVALID, N11, Alpha or Empty ANI categories. Please be aware that if any of these types of calls leave your network and are sent toward the PBX, you run the risk of these calls being BLOCKED by the PBX or another downstream service provider.
  • Review your customer use cases and discourage short-duration (<15 seconds) calling. Short duration calls raise flags on most service provider networks and may lead to Call Blocking per the FCC guidelines.
  • If you receive voice traffic that falls into the FCC’s ‘unlawful’ categories, please take measures to detect, mitigate, block, and educate your customers to cease sending these types of calls.

Domestic Toll Fraud/Traffic Pumping

Delivering phone calls to all areas of North America doesn’t cost the same for each area. Marketplace dynamics dictate that supporting remote or lightly populated markets is generally more expensive than more densely populated cities.

The intercarrier compensation regime that applies to connected carriers that exchange traffic in the higher cost areas allow for the billing of access charges for calls to and from these more rural destinations.Thus, it’s much more expensive to deliver calls to areas like rural Iowa, as opposed to Des Moines or Cedar Rapids, IA. Bad actors know this and will frequently turn-up automated phone-answering systems to generate traffic in these expensive areas.Then, they advertise through social media, websites, texts and emails to generate calls into these automated phone-answering systems.

The fraud schemes that arise in such scenarios are a function of intermediate service providers being billed higher call handling (access) charges, which subsequently contribute to the fraudulent payments to bad actors.Traffic pumping of this sort is typically robotically dialed, lasts over 15-30 minutes and is connected into automated systems that provide little or no value to the caller. Many of these calls complete into systems that return dead-air, barking dogs, ‘press 1 to continue’ loops, chat lines, recorded messages that never end, and in many cases, loud screeching tones.

The most common ways for bad actors to exploit high-cost traffic pumping is to acquire phone numbers from the local exchange phone company, stand-up fraudulent systems in an unknowing service provider’s colocation or cloud data centers, and then launch campaigns on social media to entice people to dial these recently acquired local numbers by the hundreds and asking them to leave the calls up, once connected. A nefarious service provider in the money chain will overcharge reputable carriers exaggerated access charges and give a portion of these charges to bad actors.

Here are the best practices that customers can follow to prevent the flow of Domestic Toll Fraud/Traffic Pumping from their network toward the PBX:

  • Set up detection alarms on yours and your customer’s traffic to alert you on numerous, robotically dialed calls made to known high-cost areas of North America. These areas include but aren’t limited to rural Iowa, rural South Dakota, and rural Massachusetts. Look at the NPAs, compare the rates within your typical rate decks, and either convince your customers to stop sending this kind of traffic to you, or block this kind of traffic from terversing your network. We may also be monitoring for this type of traffic and typically alerts our customers upon detection.
  • Educate your customers on this type of fraud and encourage them to prevent, detect, and mitigate such fraudulent Domestic Toll Fraud traffic before it reaches your network.

 

 

best practices fraud prevention

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Text Messaging SPAM
  • Good Cyber Hygiene & Best Practices
  • International Toll Fraud/International Revenue Share Fraud (IRSF)
  • Unlawful Robocalls (Within North America)

Knowledge Base Software powered by Helpjuice

Expand