Phone fraud

• $4.96 billion – compromised PBX/voicemail systems
• $4.32 billion – subscription/identity theft
• $3.84 billion – International Revenue Share Fraud
• $2.88 billion – by-pass fraud
• $2.40 billion – cash fraud

  Types of frauds

Fraud against users by phone companies

• Cramming is the addition of charges to a subscriber's telephone bill for services which were neither ordered nor desired by the client, or for fees for calls or services that were not properly disclosed to the client. These charges are often assessed by dishonest third-party suppliers of data and communication service that phone companies are required, by law, to allow the third-party to place on the bill.
• Slamming is any fraudulent, unauthorized change to the default long-distance/local carrier or DSL Internet service selection for a subscriber's line, most often made by dishonest vendors desiring to steal business from competing service providers.
• False Answer Supervision is a misconfiguration of telephone company equipment, by negligence or design, which causes billing to start as soon as the distant telephone begins ringing, even if a call is busy or there is no answer. The cost is typically subtle but recurring as subscribers repeatedly pay some small amount for calls which were never completed.

  Fraud against customers by third parties

• PBX dial-through can be used fraudulently by placing a call to a business then requesting to be transferred to "9-0" or some other outside toll number. The call appears to originate from the business and appears on the company's phone bill. Trickery or bribery and collusion with dishonest employees inside the firm may be used to gain access.
• A variant is a call forwarding scam, where a fraudster tricks a subscriber into call forwarding their number to either a long-distance number or a number at which the fraudster or an accomplice is accepting collect calls. The unsuspecting subscriber then gets a huge long-distance bill for all of these calls.
• A similar scheme involves forwarding an individual PBX extension to a long-distance or overseas number; the PBX owner must pay tolls for all of these calls. Voice over IP servers are often flooded with brute-force attempts to register bogus off-premises extensions or to directly call SIP addresses which request outside numbers on a gateway; as they are computers, they are targets for Internet system crackers.
• Autodialers may be used for a number of dishonest purposes, including telemarketing fraud or even as wardialing, which takes its name from a scene in the 1983 movie WarGames in which a 'cracker' programs a home computer to dial every number in an exchange, searching for lines with auto-answer data modems. Sequential dialing is easy to detect, pseudo-random dialing is not.
• In the US, owners of customer-owned coin-operated telephones are paid sixty cents for every call their users make to a toll-free telephone number, with the charges billed to the called number. A fraudulent COCOT provider could potentially auto-dial 1-800 wrong numbers and get paid for these as "calls received from a payphone" with charges reversed.
• Autodialers are also used to make many short-duration calls, mainly to mobile devices, leaving a missed call number which is either premium rate or contains advertising messages, in the hope that the victim will call back. This is known as Wangiri from Japan where it originated.
• 809 scams take their name from the former +1-809 area code which used to cover most of the Caribbean nations, since split into multiple new area codes, adding to the confusion. The numbers are advertised as offering services to callers in, typically, North America; they look like Canadian or US telephone numbers but are actually costly premium international calls that bypass consumer-protection laws that regulate premium numbers based in the victim's home country. Some advertise phone sex or other typically premium content. Ways to elicit calls include leaving unsolicited messages on pagers, or making bogus claims of being a relative in a family emergency to trick users into calling the number, then attempting to keep the victim on the expensive call for as long as possible. A later version of the 809 scam involves calling cellular telephones then hanging up, in hopes of the curious victim calling them back. This is the Wangiri scam, with the addition of using Caribbean numbers such as 1-473 which look like North American domestic calls.
• Pre-paid telephone cards or "calling cards" are vulnerable to fraudulent use. These cards show an access number that can be dialed to bill worldwide toll calls to the card via a passcode printed on a particular card. Anyone who obtains the passcode can make calls charged to the card.
• Carrier access codes were widely misused by phone-sex scammers in the early days of competitive long distance; the phone-sex operations would misrepresent themselves as alternate long-distance carriers to evade consumer protection measures which prevent US phone subscribers from losing local or long-distance service due to calls to +1-900 or 976 premium numbers. This loophole is now closed.
• In the US, area code 500 and its overlays permit a "follow-me routing" in which, if the number has been forwarded to some expensive and arbitrary destination, the caller is billed for the call to that location. Similar issues existed with area code 700 as the numbers are specific to long-distance carriers. Because of the unpredictable and potentially costly rate for such a call, these services never gained widespread use.
• Telemarketing fraud takes a number of forms; much like mail fraud, solicitations for the sale of goods or investments which are worthless or never delivered and requests for donations to unregistered charities are not uncommon. Callers often prey upon sick, disabled and elderly persons; scams in which a caller attempts to obtain banking or credit card information are also common. A variant involves calling a number of business offices, asking for model numbers of various pieces of office equipment in use, sending unsolicited shipments of supplies for the machines, and then billing the victims at inflated prices.
• Caller ID spoofing is a technique used with many frauds to impersonate a trusted caller such as a bank or credit union, a law enforcement agency, or another subscriber. When the telephone rings, the number displayed as caller is the faked trusted number. These calls may be used for vishing, where a scammer impersonates a trusted counterparty in order to fraudulently obtain financial or personal information.
• Call clearing delays, in some United Kingdom exchanges, could be abused to defraud users. For many years only the caller could disconnect a call; if the called party hung up the call it would not be disconnected. A thief would call a household and impersonate, for example, a bank or the police, and encourage them to call back, using a trusted number known to the victim. The caller could then play a recording of dial tone to trick the victim into thinking they were making a new call, while actually remaining connected to the original call; someone impersonating a bank or police officer would then come on the line.
• Cordless phones had additional vulnerabilities; with some models a scanner radio could intercept analogue conversations in progress, or a handset of the same or a similar model as the target system may be usable to make toll calls through a cordless base station which does not authenticate calls. Obsolete analogue mobile telephones have stopped working in areas where the AMPS service has been shut down, but obsolete cordless phone systems may remain in service as long as analog telephony is supported.
• A scam involving Indian call centers targeting American or Canadian customers demanding "unpaid taxes" by impersonating government officials was reported in 2016. Similar government impersonation scams include the SSA impersonation scam.
• Every day, hundreds of scam calls are received on the US mainland which offer the recipients grant money from the Federal Government, but requesting a "small administration fee", although there are no fees associated with applying for or receiving a government grant.
• During the 1980s, a common form of premium-rate fraud involved manipulating children to call a premium-rate number without their parents' knowledge or permission, sometimes going so far as to ask a child to hold the phone receiver up to the television set as it played DTMF tones to automatically trigger the dialing of a premium number. Such practices are now illegal in the United States.
• The Can You Hear Me? telephone scam was alleged to be used in North America in 2017: the caller would ask a question with the answer "yes", then use a recording of the "yes" to make telephone transactions.
• SMS pumping is a form of fraud where attackers exploit the messaging systems of businesses to generate revenue by sending high volumes of messages to premium-rate phone numbers. To achieve this, fraudsters target vulnerabilities in SMS gateways or APIs used by businesses for customer communication.

  Fraud between phone companies

• Interconnect fraud involves the falsification of records by telephone carriers in order to deliberately miscalculate the money owed by one telephone network to another. This affects calls originating on one network but carried by another at some point between source and destination.
• Refiling is a form of interconnect fraud in which one carrier tampers with CID or ANI data to falsify the number from which a call originated before handing the call off to a competitor. Refiling and interconnect fraud briefly made headlines in the aftermath of the Worldcom financial troubles; the refiling scheme is based on a quirk in the system by which telecommunications companies bill each othertwo calls to the same place may incur different costs because of differing displayed origin. A common calculation of payments between telecommunications companies calculates the percentage of the total distance over which each telecommunications company has carried one call to determine division of toll revenues for that call; refiling distorts data required to make these calculations.
• Grey routes are voice over IP gateways which deliver international calls to countries by mislabeling them as inbound local mobile telephone calls at destination. These "SIM box" operations are common in third world nations with exorbitant official international rates, usually due to some combination of tight control by one state-supported monopoly and/or excessive taxation of inbound overseas calls. Governments who believe themselves entitled to charge any arbitrary inflated price for inbound international calls, even far above the cost of domestic calls to the same destinations, will legislate against any privately owned, independent, competitive VoIP gateway, labeling the operations as "bypass fraud" and driving them underground or out of business. As a VoIP gateway in such a regulatory environment typically does not have access to T-carrier primary rate interface or PBX-style trunks, its operator is forced to rely on a hardware configuration with Internet telephony on one side and a large number of mobile SIM cards and handsets on the other to place the calls as if they were from individual local mobile subscribers.