International Revenue Share Fraud (IRSF)
What is International Revenue Share Fraud (IRSF)?
International Revenue Share Fraud (IRSF) is a type of fraud that is prevalent in the telecommunications industry. Fraudsters use complex pricing structures of international calls and SMS traffic to generate revenue by inflating the volume of international traffic to a particular destination. This type of fraud is also known as Toll Fraud or SMS Pumping Fraud.
How does it work?
Fraudsters target specific destinations that have high termination rates and set up a premium rate number in that country. They then use different methods to generate traffic to that number, such as automated dialers, hacking into PBX systems, and exploiting vulnerabilities in SMS messaging systems. This creates a significant increase in traffic to that destination and generates profits for the fraudsters.
What are the different methods of attack?
There are several methods of attack that fraudsters use to carry out IRSF, including:
- PBX hacking: Fraudsters can hack into the private branch exchange (PBX) system of a company and gain unauthorized access to its telecommunications network. They can make international calls or send SMS messages to premium rate numbers, resulting in a significant increase in traffic to a specific destination.
- Automated dialers: Fraudsters use automated dialers that are programmed to call numbers at a high frequency, which generates a high volume of traffic to specific destinations.
- SMS messaging systems: Fraudsters exploit vulnerabilities in SMS messaging systems and trick users into sending messages to premium rate numbers. This generates a large volume of traffic and profits.
What industries are the most at risk?
Industries that use a significant amount of telecommunications services, such as call centers, hotels, and healthcare providers, are at higher risk of being targeted by IRSF. These industries make a high volume of international calls and send a significant number of SMS messages, which makes them attractive targets for fraudsters. But as digital transformation continues to accelerate, businesses who rely on digital communication are becoming targets of the fraud.
How can companies detect IRSF fraud?
Companies can use different techniques to detect IRSF, such as:
- Traffic analysis: Companies can use traffic analysis tools to monitor their telecommunications network for unusual call patterns, high volumes of traffic to specific destinations, or repeated calls to premium rate numbers.
- Real-time monitoring: Real-time monitoring systems can detect fraudulent activity as it happens, allowing companies to take immediate action to stop the fraud.
- Fraud management systems: Fraud management systems can detect and prevent fraud by analyzing call data records and comparing them to known patterns of fraudulent activity.
How can companies defend against IRSF fraud?
Companies can defend against IRSF by implementing a range of preventative measures, such as:
- Strong passwords: Implementing strong passwords can protect a company’s PBX systems from hacking attempts.
- Access control: Companies can limit access to their telecommunications network to authorized personnel only and monitor all access to the network.
- Traffic limits: Companies can place limits on the amount of traffic that can be sent to specific destinations or can block calls and messages to premium rate numbers.
- Real-time monitoring: Using real-time monitoring systems, companies can detect fraudulent activity as it happens and take immediate action to stop fraud.
How does Telesign help prevent IRSF?
Although IRSF is on the rise and expensive, it is often difficult to detect. Nonetheless, adopting a proactive approach that integrates customized solutions into your security system can help prevent IRSF attacks effectively.
Telesign’s Intelligence solution can effectively prevent IRSF fraud before it occurs. Intelligence defends against IRSF by scrutinizing phone number behavior. For example, it can notify you of a particular phone number that has a history of sending numerous SMS messages within a short period of time, a clear indicator of a potential IRSF attack.
Intelligence uses advanced machine learning techniques to not only provide a reputation score but also recommend an action, such as “allow,” “block,” or “flag.” By acting on these recommendations, Intelligence can swiftly and accurately detect risky numbers for the future and help you cut down on operational costs.