TMCnet - World's Largest Communications and Technology Community

Wholesale VoIP Feature Article

ECG's Toll-Fraud Detection System Intelligently Kills Retail, Wholesale VoIP Fraud

October 11, 2011
By Rajani Baburajan, TMCnet Contributor

VoIP toll fraud has been a major concern for carriers worldwide especially after November 2010 when VoIP fraudsters stared using the "SIPVicious" security scanning tool to search the Internet for VoIP service that could be stolen.

Earlier this year, BBC reported the U.K. Department of Finance and Personnel has been targeted by phone hackers. Dr. Kevin Curran, a computer expert at the University of Ulster, explained that hackers often originate their scam from abroad, making detection difficult. In a typical VoIP fraud, the hackers use the compromised network to call their own premium rate phone lines.

ECG, a VoIP network design and integration consultancy, estimates that over $1 million in international termination service has been stolen by criminals targeting VoIP service providers in the United States. Some individual incidents have amounted to more than $160,000.

FraudStopper, a new toll-fraud detection system optimized for VoIP providers, is the solution to combat VoIP toll fraud, according to ECG officials. The solution has already been proven success at a major Competent Local Exchange Carrier (CLEC) based in New York City.

Company officials say FraudStopper has helped the carrier to successfully detect numerous incidents of attempted theft of service, saving them tens of thousands of dollars in losses for international termination.

FraudStopper differs from conventional fraud detection systems. If a customer appears to make a large number of international calls, the system will alert automatically; however, it that same customer routinely makes a large number of international calls and pays for the service, the system would assume it’s a normal course of business. In this manner, FraudStopper can identify the wide diversity among VoIP customers, some of whom make no international calls, while others make numerous calls.

The dynamic database of FraudStopper also understands weekly patterns of work. This is important because an ordinary activity on a Monday might be fraudulent levels on a Saturday. The User Behavior Database compares details from the day of the week extending far into the past to make accurate judgments and reduce false positives.

"FraudStopper learns the normal behavior for customers by analyzing historical billing records to determine what is routine for each individual," said James Pucket, president of ECG, in a statement. "Statistics are tracked per customer in the User Behavior Database. When international calling occurs that does not match a customer's profile, FraudStopper can detect that change and report the risk."

The alerts are sent to users through e-mail and SNMP. The email describes the user suspected of fraud, and the historical profile for the user, allowing operations staff to determine the risk and make a judgment. The SNMP trap allows integration with Network-Management tools like HP OpenView and SolarWinds (News - Alert), company officials said.

FraudStopper’s Real-Time Call Progress Monitor can receive input data from practically any source. ECG has integrated using CDRs from Metaswitch, BroadSoft (News - Alert), Acme Packet, Alcatel-Lucent, and others.

Rajani Baburajan is a contributing editor for TMCnet. To read more of Rajani's articles, please visit her columnist page.

Edited by Carrie Schmelkin
blog comments powered by Disqus

Technology Marketing Corporation

800 Connecticut Ave, 1st Floor East, Norwalk, CT 06854 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments:
Comments about this site:


© 2014 Technology Marketing Corporation. All rights reserved.