IRSF has existed for years but lately it has made a push to become one of the costliest forms of telephony based fraud. As industry experts hypothesize that telecom fraud has risen to $38 billion dollars it's estimated that the IRSF scheme accounted for up to 16% of that.
For those that need a refresher course. IRSF (or International Revenue Share Fraud) occurs when a T3 carrier fraudulently directs traffic through a network at a massive clip to take a small share of the premium rates for every single call. Sure, it's a relatively small amount every time, but when replicated thousands or even millions of times, the pennies start to add up. On a business level the easiest way to think of this would be VERIFICATION + FRAUD. A fraudster registers a premium number on a website and mobile app. They will later exploit this anchor to generate artificial voice traffic and fraudulent revenues.
A broader metaphor would include a bridge troll that operates a toll booth. If you have ever watched It's Always Sunny in Philadelphia or read a Norwegian fairy tale, you are aware of the unpleasant disposition of a bridge troll. This troll sets up a toll booth and charges anyone that crosses the bridge. He then creates some sort of event, perhaps he sets fire to the lands east of the bridge thus when people flee west they are forced to cross the bridge and pay him the toll.
That's what the IRSF fraudster is doing to large companies. They are behaving like a bridge troll. They write some script that triggers a voice call event, generates calls through his or her network all day long and YOU do not notice until it is too late, until the fraudster has collected his large toll and moved on to the next scam. Of course that is just one iteration of the IRSF fraud. Beyond that traffic hijacking and similar call center scams are often used, these guys have thought of it all. Heck, some of the largest companies in the world have fallen victim to this using voice 2FA because they failed to verify premium rate call back numbers. One single fraudster can trigger voice calls from a beach chair on an exotic island while sipping a daiquiri and clear over $1700 a day without breaking a sweat.
There are a lot of factors working against companies in regards to IRSF Fraud. First, a lot of this fraud takes place during evenings and weekends, a time when there are fewer people paying attention to something that isn't all that easy to detect in the first place. Second, a lot of this fraudulent traffic is originating in developing nations where there is less government oversight on things like Telephony fraud.There is a degree of regulation in these nations but it becomes much easier to circumvent certain rules when they are loosely defined and seldom enforced. Also, termination rates in these countries is very high so even if fraudsters aren't using IPRN ranges, they can still pocket a good amount just because of how telecom pricing structures are managed.
Lastly, and this one is the kicker…
Apart from the fraudster, the way telecom contracts and pricing agreements are structured actually creates an incentive for every node in the chain to not treat solving IRSF as a priority. With the end result being that the victim ends up losing out and everyone else keeps their mouths shut like they're mobbed up.
So now we have bridge trolls, we have mafia-esque tactics, anything else compelling about this type of fraud? Why yes. It's actually so easy and so profitable that terrorist groups have been known to use it to fund their attacks.
That's right, something as silly sounding as ‘internal revenue share fraud' can actually have life or death consequences. It's very important that we stop it.
TeleSign is firmly anti-troll (both literal and metaphorical) and that's why we created Score. Score uses data attributes from a phone number and assesses the likelihood of fraud. Therefore, if someone is using hundreds of virtual numbers to generate thousands of verification robocalls, TeleSign can stop it, just like the billy goat bested the troll at the end of The Three Billy Goats Gruff. Furthermore, along with the behavioral and machine learning aspect of score, we have the largest database of IRSF and premium rate numbers in the world (50+ million) so we are well adept at keeping the bad guys out.What's more, if you already use TeleSign's Voice services you don't need to worry about implementing a new tricky API. We can just turn it on like a light switch. Easy enough, right?Every industry is at risk for IRSF fraud. Ecommerce, tech, mobile apps, just to name a few. If you operate any sort of platform that can generate calls to end-users you are at risk of losing a substantial amount of dough. You could be thinking “Well it hasn't happened to me yet.”
The operating word there is “Yet.” Don't wait around for a foul bridge troll to threaten to gobble you (or your precious cash) up. Talk to us about Score now before it's too late.