2022 GLF Fraud Report: Demonstrating accountability in the fight against fraud

EXECUTIVE SUMMARY

Voice Fraud

1. The volume of fraud has been increasing, 50% of survey respondents see an increase in the volume and impact of fraudulent voice traffic versus the previous year.
   
   · 24 pp increase from the 26% of respondents in 2021.
   · Only 33% of respondents experiencing a decrease in the impact of fraud.
   
   This indicates that fraud teams are increasing capabilities to detect fraudulent traffic and whilst bad actors are still driving a significant amount of fraudulent traffic through the carriers.

2. IRSF was listed as the highest in terms of volume (50% of respondents listed as ‘high’ volume) and financial impact (56% of respondents listing ‘high’ financial impact). As IRSF covers several techniques used by fraudsters the volume and traffic causing financial impact is higher than other use cases. Second to IRSF a popular application denominated Missed Call / Wangiri Fraud with 48% listing ‘high’ volumes.

3. Historical trends indicate a constant decrease in the volume and financial impact of some fraud use cases:· Hijacking a reduction of 6 pp from 2020.
   
   · Hacking of a customer’s phone system a reduction of 8 pp from 2020.
   · False answer supervision a reduction of 24 pp from 2020.
   
   This illustrates the fact that voice fraud is a constantly changing environment from bad actors looking to fool systems to fraud teams that must continue to innovate and collaborate within the industry to stay one step ahead.

4. The increased sophistication and technology used by fraudsters have brought great challenges to the carriers’ fraud teams. Although some use cases such as the financial impact of Missed Calls/Wangiri have been mitigated, ISRF is still the main concern of the industry, sparking new use techniques and methodologies to commit fraud. This concern should be translated to a further collaboration of fraud teams and the overall community, as this concerns many actors along the value chain.

Messaging Fraud

1. The growing messaging market has proven to be attractive to fraudulent actors. 35% of respondents observe an increase in the impact of fraudulent messaging traffic in the past 12 months. Respondents indicate SMS Phishing as the highest use case in volume and the growth (55% and 48% of respondents respectively). As phishing messages increase in sophistication, it is crucial to both improve tools that detect and block fraudulent messages and double down on the efforts to educate customers in both detecting and reporting suspicious messages.

2. Despite high volumes in messaging fraud, effective firewall systems and the nature of the messaging fraud results in use cases having a low financial impact on respondents.· 42% responded low financial impact on SMS Phishing and Originator Spoofing use cases.
   
   Although some use cases have no direct financial impact on carriers, they do have a negative impact on customer experience. Carriers must ensure the security and integrity of their network, making efforts to detect and fight against traffic intending to damage their end users.

3. Even though messaging traffic is a growing concern, 50% of carriers who provided insights on both voice and messaging fraud see the volume of fraudulent voice traffic higher than the volume of messaging traffic. Although no consensus is reached given the data, additional points to consider are the varying volumes of messaging and fraud traffic each carrier experiences, the fact that some carrier´s messaging product is still novel to the market and that carriers have different thresholds to classify suspicious traffic.

International best practices

1. Diving into the carrier’s internal practices, respondents show that fighting fraudulent traffic is an increasingly top priority.· 43% of respondents listing fraudulent traffic as a top priority in their organization.
   
   ·  17pp increase from 2021.
   
   As indicated by the data this top priority translates into direct investment in internal resources, 77% of respondents foresee an increase in investing in fraud prevention infrastructure in 2023 focused on process automation and efficiency. Additionally, 47% of respondents forecast an increase in FTEs allocated to manage fraud in the next 12 months, hence the GLF expects continues investment in both manpower and technological solutions to support the fight against fraud.

Code of Conduct attestation process

1. The code of conduct established in 2018 sets the benchmark of behaviour that carriers should seek to attain to ensure that there is consistent action taken across the industry to fight against fraudulent traffic. It is broken down into 6 principles related to targets and reporting, processes, destinations, payment flows, information sharing and contracting.

2. The attestation process kicked off in 2021 requires that participants prove their adherence to each of the six principles. To be compliant carriers must score over 70% in each of the six principles and provide evidence for their responses. Of the carriers that participated in the 2021 attestation process, 39% made improvements to their practices improving their score, principally in the efforts made to roll out anti-fraud clauses in their new and existing contracts to comply with i3 forum standard anti-fraud clauses.