Email a colleague    

May 2011

Insider Fraud: Detecting Criminal Activity in the Telecom Sales Process

Insider Fraud: Detecting Criminal Activity in the Telecom Sales Process

Telecoms spend an incredible amount of money on physical security to keep unauthorized eyes from seeing financial systems.  They spend another big chunk of money on technical fraud systems and cybersecurity to prevent external fraudsters from stealing the family jewels.

Yet one of the biggest problems telecoms now face is fraud done inside their offices, dealer stores and firewalls by people fully authorized to transact business for the company.  Welcome to the shady world of insider fraud, a growing area of operator concern according to fraud management vendor cVidya, who has just brought out a new version of its Fraud View solution to address the issue.

And here to tell us about it is Tal Eisner, cVidya’s senior director, Product Strategy, and a guy who was once an investigator and manager at two leading mobile operators in Israel.

Dan Baker: Tal, what’s the genesis of insider fraud?  And what’s your evidence that it’s becoming a bigger problem?

Tal Eisner: Dan, as you can imagine, much of the data about fraud activity is closely guarded by the telcos.  That’s only natural.  But what I will tell you is this: Our Fraud View product is installed at 130 telecoms in 63 countries and when a significant number of those customers raise a red flag around insider fraud, you can bet it’s a big problem.

Another indicator that insider fraud is growing is common sense.  Smartphones are expensive devices that are often subsidized by the carrier.  Plus the smartphone will soon double as a mobile wallet.  All these factors are going to make insider fraud easier to hide and more potentially damaging to an operator.

The forms of insider fraud vary greatly.  Sometimes the fraud is perpetrated by an insider alone.  In other cases, the insider helps someone outside commit fraud — sometimes deliberately, other times innocently.

The focal point of our investigation is all systems related to sales, the kind of systems that customer service reps, telemarketers and dealers have access to.

One of the drivers of insider fraud is all the pressure for wireless salespeople to meet aggressive revenue targets.  And when people can’t reach those targets, some will cook the numbers or artificially enhance the sales numbers by giving away services illegally — all to get their expected commission at the end of the month or quarter.

Are these things mostly happening within the enterprise accounts of telecoms?

No, it’s not limited to enterprise sales alone.  We’re talking about the entire sales process becoming corrupted.

To give you an idea, one of the large U.S. mobile carriers told me the case of a door-to-door sales rep who committed fraud to the tune of millions of dollars.  The salesman produced a great many deals of cell phones.  Unfortunately, those deals were fraudulent: The customer actually never signed the agreements; their  signatures were forged.

Much of the fraud happens because the fraudsters know how to navigate around the sales, prepaid, CRM or billing systems.

Is a lot of this happening because salespeople are getting their sales commissions upfront?

A few years ago, it’s true, salespeople were getting sales commissions upfront and so there was a danger of signing up unqualified accounts.  However, it doesn’t work like that these days.  Telecoms are more cautious about distributing commissions early these days.

What’s the fraud management application look like here?  Are you monitoring employee emails and Web searches?

Dan, I get this question all the time when I speak at conferences.  No, our application has nothing to do with desktop applications that monitor emails or what sites users go to when they surf the Web.

We basically screen sales or money-oriented areas in IT, such as prepaid and customer-service systems.  We are not recording all the activities being done by people.  The purpose of our sniffing is to enable sales managers and fraud investigators to detect and see abnormal activities.

For example, it’s normal for door-to-door salespeople selling iPhones and Blackberrys to immediately activate those phones as the sales happen.  But if that same salesperson is activating three iPhones at 4 a.m., you might suspect something is wrong.

Another indicator of fraud is checks or credit card authorizations bouncing, typically a month or two months after the user is using the service, but after the dealer received his commission.

A couple years ago, I attended a conference session where Vodafone Germany gave a presentation on a dealer fraud/assurance system that employed a cVidya platform.

That particular system pre-dates the new insider fraud solution I’m talking to you about.  The virtue of that system is that it detected how dealers were gaming the system in the way they juggled discounts or made offers in a way that maximized their commissions.

Some dealer- and in-house agents are far more daring in their fraud activities.  Take the case of a dealer’s agent who worked in one of the stores of a leading mobile company in Europe.  He was a very bright salesperson.  Unfortunately, he got himself into trouble by making some bad gambling bets, and he owed a lot of money to some bookies.  He didn’t have the money, so he cut a deal with the bookies, saying, “Come to my store every week or so, and I’ll activate for free the most expensive handsets I have in the store.  And each of these handsets will be deducted from my debt.“

So that’s exactly what happened.  Somebody came to the store on a regular basis, went directly to him and “bought“ handsets.  And because the agent was very fluent on what needed to be done to activate customers, he went undetected for a long time.  His strategy was not to open new accounts but to “glue” the illicit phones to existing corporate accounts, gambling that the corporations wouldn’t take notice if a few phone accounts were added to their bill.  But after a while, the enterprise customers were complaining about the extra charges, so he was eventually caught.  If you had been regularly monitoring this guy’s actions in the systems, you would have detected those kind of cases long before they got large enough to cause problems and jeopardize a key corporate account.

There are many cases where it would be hard to verify whether the dealer is doing right for the company.  Take the examples of special discounts for students, senior citizens, etc.

Yes, in fact, it’s a common practice to offer discounts to special demographic groups.  But at the end of the month, if 20 iPhones were sold on a student discount, how many of them were actual students?  To verify, you have to monitor ID cards and every other source of identification available.  Likewise you need to monitor the salesperson’s activities.

Nowadays, searching social-networking sites like Facebook might be another good place to find detailed information.

Actually in our latest version of Fraud View, we are integrating social networks as part of our investigation process — and we think we’re the first fraud vendor to do that.

This is our philosophy: Get the investigator as much relevant information as possible.  If it’s Facebook, MySpace, Twitter fine.  We’ve also integrated with Google Maps so if a subscriber gives you his home address and that address is in the middle of Central Park, you’ll see that immediately.  So in this way we’re giving the fraud investigator the broadest view or angle on the case to decide whether or not this is fraud or not.

From my many years as a fraud investigator, I know that the most important challenge an investigator faces is deciding whether or not the case you have in front of you is fraud or nothing at all.

This article first appeared in Billing and OSS World.

Copyright 2011 Black Swan Telecom Journal

 
Tal Eisner

Tal Eisner

Tal Eisner, Senior Director Product Strategy as cVidya Networks, has been active in the telecom arena for over a decade in several fraud management roles.

Tal started as a fraud prevention team leader at Cellcom, the largest mobile carrier in Israel, then served as Director of global consultancy services atCtel Ltd.  In 2008 Tal became Fraud Prevention Department Manager for Partner Communications Ltd (Orange Israel) until mid 2010.

At cVidya he manages fraud management products, strategy, road map and developments.  Tal is a graduate of the Tel Aviv University and earned his BA in political science.   Contact Tal via

Black Swan Solution Guides & Papers

cSwans of a Feather

  • Insider Fraud: How to Create an Anti-Fraud Culture in Your Telecom Organization interview with Mark Yelland — Thirteen years after the WorldCom scandal, experts generally agree that insider fraud remains a massive problem in telecom.  In this article you’ll learn the outlines of building a program to instill an anti-fund culture at your telecoms organization.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.
  • Insider Fraud: Detecting Criminal Activity in the Telecom Sales Process interview with Tal Eisner — One of the biggest problems telecoms now face is fraud done inside their offices, dealer stores and firewalls.  This type of fraud is especially dangerous because it’s performed by people fully authorized to transact for the company.  The story dicusses the major causes of insider fraud, presents a case study, and explains basic techniques that software uses to detect insider fraud.

Related Articles

  • Subex’s New HyperSense AI-Platform Aims to Turn Telcos into Agile, Analytics-Driven Ubers and Rakutens interview with Rohit Maheshwari — An expert explains why telcos must swiftly adopt the AI/analytics methods of hyperscaler firms.  Giving telco examples where cross-company data sharing can make a difference, he explains the 12 key features of a new platform designed to deliver more agile and collaborative intelligence across a telco.
  • Subex’s COO: Machine Learning, Disruption & Adaptive Biz Models to Impact Telecoms in 2020 interview with Shankar Roddam — In our dynamic and digital-driven world, telecoms and enterprises face many business risks.  So what can you do to plot a successful future?  Hear 5 prophecies on 2020 telecom trends from the Chief Operating Officer of Subex.
  • TELUS Analytics Users Get Productivity Boost from Internal Team of Data Access & Showcasing Experts-for-Hire interview with Mange Kumarasamy — How a large organization with hundreds of analytics users gets help from an  internal Big Data team who sources multiple back-end databases; builds tailored reports; and drives campaigns that answer strategic questions for users.
  • Non-Verbal Speech Analytics: Monitoring Voice Calls in Real-Time for Customer Care, Sales, Retention & Onboarding interview with Yoav Degani — Non-verbal speech analysis studies the emotional context of voice qualities like intonation, tone, emphasis and rhythm.  A pioneer in voice analytics explains how its technology benefits customer care, sales, retention and onboarding.
  • Telecom CVM: From Scattered Campaigns to Unified & Consistent Communication with Customers interview with Cretièn Brandsma — Despite the many failures Customer Value Management has faced in telecom, CVM’s future is very hopeful.  A carrier expert explains why telecoms have faltered, how customer experience programs can be revitalized, and where telecoms should invest in better tactics and technology.
  • The Key to Driving 4G Profit: Sell Value, Not Bandwidth by Miri Duenias — Are you struggling to earn a profit on your 4G investments?  Many operators are failing today on the marketing side.  But aligning 4G products with a customer’s personal preferences and desires provides the necessary sizzle to boost sales and earn a handsome ROI.
  • Will Real-Time Decisioning Save Big Data Analytics from Overblown Hype? interview with Tom Erskine — Telecom analytics is more than just collecting and analyzing data.  It’s also about taking action — correct action — often in real-time and across a complex provisioning environment.  In this interview you’ll hear how next best actions are creating value in retention and upselling through a more flexible, business-process driven approach.
  • A Big Data Starter Kit in the Cloud: How Smaller Operators Can Get Rolling with Advanced Analytics interview with Ryan Guthrie — Medium to small operators know “big data” is out there alright, but technical staffing and cost issues have held them back from implementing it.  This interview discusses the advantages of moving advanced analytics to the cloud where operators can get up and running faster and at lower cost.
  • The Customer Engagement Era: How Personalization & Backend Integration Leads to a Richer Mobile Biz interview with Rita Tochner — How does a mobile operator move its subscribers to higher levels of spending and profit?  Fierce competition, social media scrutiny, and the high cost of new networks all conspire against these goals.  In this interview, however, you’ll learn how engaging better with customers, getting more personal, and being more sensitive to their individual needs is the path forward.
  • Telecoms Failing Badly in CAPEX: The Desperate Need for Asset Management & Financial Visibility interview with Ashwin Chalapathy — A 2012 PwC report put the telecom industry on the operating table, opened the patient up, and discovered a malignant cancer: poor network CAPEX management, a problem that puts telecoms in grave financial risk.  In this interview, a supplier of network analytics solutions provides greater detail on the problem and lays out its prescription for deeper asset management, capacity planning and data integrity checks.
  • Batting for More Churn Reduction and Revenue Assurance Home Runs interview with Peter Mueller — What’s it like to transform an IT shop to big data and cloud?  In this interview, the CTO of a boutique revenue assurance explains how his firm made the leap.  He shows how project-oriented programs and working with carrier customers to explore RA and churn reduction “hunches” is where much of the action is.
  • History Repeats: The Big Data Revolution in Telecom Service Assurance interview with Olav Tjelflaat — The lessons of telecom software history teach that new networks and unforeseen industry developments have an uncanny knack for disrupting business plans.  A service assurance incumbent reveals its strategy for becoming a leader in the emerging network analytics and assurance market.
  • From Alarms to Analytics: The Paradigm Shift in Service Assurance interview with Kelvin Hall — In a telecom world with millions of smart devices, the service assurance solutions of yesteryear are not getting the job done.  So alarm-heavy assurance is now shifting to big data solutions that deliver visual, multi-layered, and fine-grained views of network issues.  A data architect who works at large carriers provides an inside view of the key service provider problems driving this analytics shift.
  • The Shrink-Wrapped Search Engine: Why It’s Becoming a Vital Tool in Telecom Analytics interview with Tapan Bhatt — Google invented low cost, big data computing with its distributed search engine that lives in mammoth data centers populated with thousands of commodity CPUs and disks.  Now search engine technology is available as “shrink wrapped” enterprise software.  This article explains how this new technology is solving telecom analytics problems large and small.
  • Sharing Intelligence, Services, and Infrastructure across the Telecom Galaxy interview with Gary Zimmerman — The telecom industry is an industry of sharing.  In fact, the rise of mobile broadband is driving a greater reliance on real-time intelligence, services trading, and infrastructure exchange.  In this article, a leading info exchange provider explains the value of its services portfolio and points to other interoperability and sharing ideas under development.
  • Data Monetization: Why Selling Intelligence is a Hot New Revenue Stream for Mobile Carriers interview with Joe Levy — Data monetization is a revenue dream come true for mobile carriers: a highly profitable sideshow where the carrier analyzes and sells data it already collects for other purposes.  In this article you’ll learn how operators monetize their data through use cases in corporate advertising and media branding.
  • Harvesting Big Data Riches in Retailer Partnering, Actionable CEM & Network Optimization interview with Oded Ringer — In the analytics market there’s plenty of room for small solution firms to add value through a turnkey service or cloud/licensed solution.  But what about large services firms: where do they play?  In this article you’ll learn how a global services giant leverages data of different types to help telcos: monetize retail partnerships, optimize networks, and make CEM actionable.
  • Raising a Telco’s Value in the Digital Ecosystem: One Use Case at a Time interview with Jonathon Gordon — The speed of telecom innovation is forcing software vendors to radically adapt and transform their business models.  This article shows how a deep packet inspection company has  expanded into revenue generation, particularly  for mobile operators.  It offers a broad palette of value-adding use cases from video caching and parental controls to application-charging and DDoS security protection.
  • Radio Access Network Data: Why It’s Become An Immensely Useful Analytics Source interview with Neil Coleman — It’s hard to overstate the importance of Radio Access Network (RAN) analytics to a mobile operator’s business these days.  This article explains why the RAN data, which lives in the air interface between the base station and the handset --  can be used for a business benefit in network optimization and customer experience.
  • Back Office Streamlining to Enterprise Support: The Many Flavors of Wireline Analytics interview with Tom Nolting — Mobile analytics gets plenty of press coverage, but analytics is just as crucial for wireline operators.  In this article, a billing VP at a leading wireline operator discusses several diverse uses of analytics in billing, enterprise sales/retention, and network partner margin assurance.
  • Analytics Biology: The Power of Evolving to New Data Sources and Intelligence Gathering Methods interview with Paul Morrissey — Data warehouses create great value, yet it’s now time to let loose non-traditional big data platforms that create value in countless pockets of operational efficiency that have yet to be fully explored.  This article explains why telecoms must expand their analytics horizons and bring on all sorts of new data sources and novel intelligence gathering techniques.
  • B/OSS Mathematics: The Quest to Analyze Business Problems & Drive Operating Decisions interview with Matti Aksela — Analytics is the glory of mathematics brought to practical use.  And in telecom, analytics has merely stratched the surface of its full potential.  In this article, you’ll learn how machine learning is being combined with the power of CDR number crunching to optimize mobile top-ups, control churn — and in the future, help telecoms make critical network and operating decisions.
  • Leveraging the RA/FM Platform to Deliver Business Insights to Finance & Marketing by Amit Daniel — Carrier professionals using RA and fraud management tools are getting requests from internal customers who want the role of RA/FM platforms expanded to deliver up-to-date analytics data for finance and marketing purposes.  This article advocates a cross-product layer to serve such broader use cases.  The effect would be to transform the existing RA/FM platform into a combined business protection and business growth analytics engine.
  • A Mobile Marketer Service: Bridging Personalization & B/OSS Flowthrough interview with Efrat Nakibly — Marketing analytics is a prescriptive program for driving  actions such as sending a timely promotion to a mobile subscriber.  But completeness demands that you also be able to provision that treatment, qualify the promotion, and keep billing fully in the loop.  This article shows how a managed services program can deliver such an end-to-end process and manage customer life cycles on a one-to-one basis.
  • Science of Analytics: Bringing Prepaid Top Ups & Revenue Maximization under the Microscope interview with Derek Edwards — Prepaid subscribers are the customers that carriers know the least about.  The operator is not interacting with prepaid customers on a monthly basis.  You’re not sending a bill, nor do you have detailed profiles on these customers, especially in the developing world where customers are buying SIMs at a grocery store.  This interview explains how contextual marketing meets the unique analytics challenge of prepaid customers.
  • Connecting B/OSS Silos and Linking Revenue Analytics with the Customer Experience by Anssi Tauriainen — Customer experience analytics is a complex task that flexes B/OSS data to link the customer’s network experience and actions to improve it and drive greater revenue.  In this article, you’ll gain an understanding of how anayltics data needs to be managed across various customer life cycle stages and why it’s tailored for six specific user groups at the operator.
  • Profitable 3G: China’s Mobile Operators Monetize Networks with Retailers & Partners interview with Kevin Xu — Mobile operators are at the center of explosive growth in wireless services.  But to exploit this opportunity requires IT ingenuity and a broader view on how the mobile user can be served.  In this article you’ll learn the innovative techniques Chinese operators use to monetize 3G networks via analytics and partnerships with retailers, social networks, and advertisers.
  • Customer Analytics: Making the Strategic Leap From Hindsight to Foresight interview with Frank Bernhard — Are your company’s analytics programs scattered?  Is there a strategy in place for customer analytics?  This interview with a leading telecom analytics consultant explains why strategy and planning around the analytics function is crucial to getting your money’s worth.  Topics discussed include: hindsight vs. foresight; an advanced analytics program; and the interface sophistication required to support high end vs. low end analytics users.
  • Meeting the OTT Video Challenge: Real-Time, Fine-Grain Bandwidth Monitoring for Cable Operators interview with Mark Trudeau — Cable operators in North America are being overwhelmed by the surge in video and audio traffic.  In this article you’ll learn how Multi Service Operators (MSOs) are now monitoring their traffic to make critical decisions to protect QoS service and monetize bandwidth.  Also featured is expert perspective on trends in: network policy; bandwidth caps; and  customer care issues.
  • Analytics Meditations: The Power of Low-Cost Hardware and the Social Network Within interview with Ken King — Analytics didn‘t arrive yesterday.  Data warehousing and BI have been in the telecom vocabulary for twenty-five or more years.  In this interview, you’ll gain a perspective on why “big data” changes the game and why social network (or social circles) analysis promises the next level of insights.  Other interesting topics include: segmenting the analytics market, engaging with carrier clients, and upgrading from older- to newer-style methodologies.
  • LTE Analytics:  Learning New Rules in Real-Time Network Intelligence, Roaming and Customer Assurance interview with Martin Guilfoyle — LTE is telecom’s latest technology darling, and this article goes beyond the network jargon, to explain the momentous changes LTE brings.  The interview delves into the marriage of IMS, high QoS service delivery via IPX, real-time intelligence and roaming services, plus the new customer assurance hooks that LTE enables.
  • Shared Data Plans: The Challenge of Managing a Family of Pricing, Revenue Assurance, Fraud, and Network Policy Issues by Amit Daniel — Verizon Wireless‘ recent announcement of its move to shared data plans for families shook the mobile industry.  In this column, cVidya’s Amit Daniel shines a spotlight on the knowhow and analytics tools that operators now deperately need to offer the right  shared data price plans, ensure bandwidth throttling is handled correctly, and address new fraud concerns.
  • Analytics Guru: Are Telecoms Ready for the Biz Intelligence Explosion? interview with John Meyers — Business intelligence is evolving from the creation of dashboards and reports to taking action based on a deep knowledge of the environmental context.  The article explores the implications of “big data” in terms of IPTV, storage requirements, hardware, event collection, and deep packet inspection.
  • Social Networking for Telecoms: How To Enlist Friends and Family as Mobile Marketers interview with Simon Rees — Social Network Analysis (SNA) is about exploiting data on “friends and family” connections to combat churn and win new CSP business.  The article explores how an analysis of the ebb and flow of CDRs, phone calls, and messages, can identify key influencers and drive powerful marketing campaigns.
  • Making the Strategic Leap From Billing to Merchandising interview with Humera Malik — Today billing/charging technology has progressed to the point where the usage intelligence, the charges, the user behaviors, and the analytics can all come together in near real-time.  This article discusses the organizational and marketing strategies that enable a operator to create a true “merchandising” system that can revolutionize a CSP’s business.