[VoiceOps] Fraud

Paul Timmins paul at timmins.net
Tue Feb 25 09:52:37 EST 2014


We do something similar in our environment. We have a per-tn blacklist that starts with all country codes except about 20 of them in it. If a customer calls to complain (I think one of them did this so far out of thousands), we remove a specific country from the list (or all of them).

Combined with a system that completely restricts international calling based on the customer's rolling 24 hour cost to us for international calls (we basically rate the calls every few minutes at the rates we're billed for them, and if you use over X amount at our cost over 24 hours, you get your international service shut off until we call you. The system sends a report to the account manager team and NOC and shuts them off instantly, and then the account managers work with the NOC to contact the customer offering technical assistance, and the account managers work with them on the financial side.

This strategy nearly eliminates losses on our side, because the account team knows what that traffic cost us, the NOC helps prevent the customer from further fraud by giving them advice or helping them, and the customer has to pay us maybe $100.

-Paul

On Tue, 02/25/2014 09:34 AM, "My List Account" <mylists at battleop.com> wrote:
> 




I’m pretty sure it would ruffle some feathers around here if I sent that list out into the public domain.  I can tell you that we basically go thought the rate deck and filter anyone that’s above X amount per minute and then throw in countries where customer’s hacked PBX’s send calls to.  It’s not the most scientific method but it’s the most complaint free method.
 
Richey
 
From: John Curry [mailto:telecom7 at gmail.com] 
> Sent: Monday, February 24, 2014 4:21 PM
> To: 'My List Account'; voiceops at voiceops.org
> Subject: RE: [VoiceOps] Fraud
 
Would you mind sharing your hi toll rate destination dial plan?
 
From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of My List Account
> Sent: Monday, February 24, 2014 1:48 PM
> To: voiceops at voiceops.org
> Subject: Re: [VoiceOps] Fraud
 
Maybe I am missing something here but why does the carrier that delivers the fraudulent traffic to the Telco that’s in on the fraud pay the Telco that’s in on the fraud for the calls that are delivered to their network?   Seems pretty simple, if you cut off their revenue stream they won’t have a reason to continue.   
 
I guess we all know there is no incentive for them to stop this practice because it’s a big cash cow for everyone except for the poor end user who is left holding the bag.
 
Our default dial plan won’t let you dial these destinations so we don’t have a real issue with this abusive traffic.   Most of our customers who use international go with one of our filtered dial plans that let them dial most of the world except for known fraudulent and high toll rate destinations.
 
 
Richey
 
From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Ryan Delgrosso
> Sent: Saturday, February 22, 2014 11:48 AM
> To: voiceops at voiceops.org
> Subject: Re: [VoiceOps] Fraud
 
In most cases you will lose this customer. They don't see this as their responsibility (i.e. the credit card fraud defense) but the reality is their equipment was compromised due to their negligence. 
> 
> If the customer is reasonable offer them your cost on the damages so its just a passthrough. Otherwise you can take them to court or just send them to collections. 
> 
> BTW while many will advocate fraud detection and mitigation systems here, its been my experience (we wrote our own fraud system that out-performs our upstream carriers by hours) that if you detect fraud on a customer like this, and shut it down in minutes, and mitigate what could have been thousands of dollars in damage due to their mis-configured systems, reducing it to just tens or hundreds they will often still fight that amount and deny responsibility. The fraud system protects you, and by extension the customer, but the customers don't see it that way. 
> 
> -Ryan
On 02/19/2014 02:09 PM, John Curry wrote:
> I am new to your site. I was looking in the Archives and saw in November 2013 there were some of you who experienced fraud. We had a an Avaya IP Office customers system who got hit pretty bad. The customer is treating the fraudulent calls like credit card fraud and not taking any responsibility. Does anyone have any advice on how to persuade the customer take this issue seriously?  His bill was racked up pretty good.  Strangely and coincidentally Avaya came out with a security bulletin the end of December 2013 on this same issue.  I tried to contact Avaya with no response. It seems as though someone has built a sniffer for the Avaya IP Offices and gleaning their registrations.
 
_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
 

        _______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20140225/a013a2ab/attachment-0001.html>


More information about the VoiceOps mailing list