In addition to implementing new technologies to combat the fraudulent use of cellular phones, carriers and retail agents have implemented new fraud management procedures to help prevent the opportunity for abuse.
Service Providers Revenue losses to mobile phone fraud are so great that many service providers have an internal unit that is responsible for advising the company on ways to minimize opportunities for fraud, investigating instances of fraud and working with law enforcement authorities to prosecute criminals, and to educate corporate mobile phone users about ways to prevent fraud.
The following procedures, when adopted by service providers, can minimize opportunities for fraud:
- Check clearance. Allow a new customer to access the network only after the check has been cleared. In the United States, the Federal Reserve requires three business days to clear personal checks.
- Credit card verification. Allow a new customer to access the network only after the credit card has been verified. This can be done in a few minutes via card readers connected to the card issuer’s regional database.
- Welcome call. Verify a new customer’s identity before paying out a bonus or commission to the salesperson or licensed dealer. Call the customer on a fixed line to verify name and address, and confirm other details on the application form—such as mother’s maiden name or spouse’s initials. Ask for the name and address of the employer; if in doubt, call the workplace to verify employment information.
- Welcome letter. Send a letter to the customer in an envelope that does not give the appearance of being junk mail. In order to activate service, the recipient must call the customer service toll-free phone number specified in the letter.
- Commission withholding. Implement a 3-month withholding period for connection commissions to dealers. If a new subscriber fails to make the first payment within that period, the sale should be declared invalid and the connection commission canceled.
- Premium services bar. Only provide those services which a new subscriber has asked for. International calling and premium rate services would be automatically barred by default when the phone is given to the customer.
- Early invoicing. Send the first phone bill out early to minimize airtime fraud or expose commission fraud.
- Credit alert. Generate a report of phones with a high-volume of calls.A complex algorithm is used to detect fraudulent activity based on customer profiling, how long the phone has been connected, average monthly spend, and period of inactivity followed by hectic usage.
- Nonphone alert. This is a commission fraud involving a bogus phone, or the phone was never switched on. If the phone was switched on only two or three times over a period, the customer should be contacted as a precaution.
Subscribers Businesses and government agencies are very susceptible to cellular fraud. Not only do employees have no personal stake in taking basic antitheft precautions, but the phone bills of many organizations are so massive that fraudulent calls are difficult, if not impossible, identify.
Most fraudulent phone calls are paid for by unknowing victims, often traveling executives who pass the invoices on to their companies without inspecting them. Nevertheless, organizations (and consumers) can minimize mobile phone fraud by taking the following precautions:
- If available, purchase phones equipped with authentication technology, which uses secret codes that are never transmitted across the airwaves.
- Ask the mobile service for a PIN that must be entered before a call can go through. Given the infrequency of its transmission, this code is not easily intercepted, and without it, cell phones cannot be cloned.
- If not needed, ask the service provider to shut off access to international service. This would prevent anyone from making illegal calls to other countries, where many fraudulent calls are directed.
- If possible, use a beeper to screen incoming calls. With the phone is turned off, it will not be transmitting its identifying numbers, thereby minimizing vulnerability to fraud. Since call retrieval usually entails air time charges, it is more economical to use the beeper as a screening device for calls that do not demand immediate attention.
- Do not lend the cell phone to anyone, and put it in a safe place when it is not in use. Even if the cell phone is insured against theft, most subscriber agreements limit coverage to one incident, after which the user must pay for a replacement phone.
- When leaving cars unattended, remove the handset and antenna to prevent mobile phone thieves from targeting the vehicle.
- Never leave the subscriber agreement or contract out in plain view; it usually contains such sensitive information as Social Security Number, drivers license number, credit card number, mobile number, and electronic serial number.
- Report all problems to the service provider immediately, especially if there is trouble placing calls. This may indicate that someone may have cloned the phone and is using it at that time. Other warning signs include difficulty retrieving voice-mail messages, excessive hangups, and callers receiving busy signals or wrong numbers.
While there is great progress in cracking down on mobile phone fraud in the United States and Europe, other countries are experiencing an increase in this kind of criminal activity. According to some experts, the international arena looms as the next frontier for mobile phone fraud, particularly in locations where U.S.-based multinationals are setting up shop and buying this kind of service.
Foreign governments have just not been aggressive in finding and prosecuting this kind of criminal, they note. In some countries such as China, there are even operations dedicated to building cell phones that get illegally programmed and then sold on the black market.
Scanning the airwaves for cell phone identification numbers and programming them into clones has been made more difficult with sophisticated authentication processes and digital networks that support encryption. GSM will change the nature of fraud in the future. The authentication mechanism implemented with the SIM is forcing many would-be criminals to turn their attention to subscription fraud, which is still time-consuming to track down, even for the largest service providers.
Mobile phone fraud is an extension of “phone phreaking,” the name given to a method of payphone fraud that originated in the 1960s and employed an electronic box held over the speaker. When a user is asked to insert money, the electronic box plays a rapid sequence of tones that fool the billing computer into thinking that money has been inserted. Since then, criminals and hackers have devoted time and money to develop and refine their techniques, applying them to mobile phones as well.
The growing popularity and spread of the Internet to distribute tips and tricks to defraud carriers makes mobile phone fraud a billion-dollar international activity. Not only is mobile phone fraud lucrative, the stolen handsets have also provided anonymity to callers engaged in criminal activities. Apart from the called numbers, often no other evidence is left behind. The calls are charged to the legitimate subscribers’ accounts.