When fraud managers implement techniques that successfully counter fraud, organized criminals are forced to innovate to safeguard their income. Bypass is not a new phenomenon, and fraud managers have made great progress at detecting simboxes through the use of test calls, and by configuring their FMS to recognize telltale call patterns. But have the fraudsters adapted, and are they now deceiving the fraud managers by deliberately allowing some of their SIMs to be identified, whilst using clever new methods to ensure the remainder escape detection? That is the argument made by Jan Vervloet, Chief Commercial Officer at LATRO Services, who was our guest for episode 22 of the Commsrisk podcast.
In outline, the risk is that SIM servers are increasingly used by fraudsters in order to alternate which SIMs are used for terminating international calls, so none of them trips the alarms set up in the FMS. In addition, ordinary user behavior is being effectively simulated, confusing fraud managers and encouraging them to whitelist the fraudster’s SIMs.
Jan has extensive experience of simbox detection after working for Meucci, the test call firm acquired by Keynote SIGOS in 2014. Now Jan is with LATRO, and he believes the technique of gathering technical data to determine the ‘signature’ of the device connected to the network – and hence directly distinguishing between a gateway and an ordinary mobile phone – should now be integrated into the arsenal of detective controls deployed by modern fraud managers.
Dan Baker once again joined me as co-host of the podcast. He provided his own insights into simbox fraud, based on research he recently conducted. You can download Dan’s white paper about simbox detection and network protocol analysis from here.
To learn more, listen to the podcast! You can play this podcast by pressing the button on this webpage, or by downloading the mp3 file from here. Or if you like iTunes, visit our page at the iTunes Store, where you will be able to subscribe to the podcast and have all future episodes automatically downloaded to your computer, phone or mp3 player.