International fraud expert Colin Yates has analyzed the outcome of a recent court case in Malta, and he drew troubling conclusions about its likely impact on the prosecution of telecoms fraudsters. In the case, a Greek man was accused of defrauding Maltese operators after police caught him using 30 mobile phones, 17 chargers and 646 SIM cards to make calls to an unallocated British number range. He was set free when the magistrate decided the calls were “lawfully made”.
The Times of Malta reported:
Vasileios Spanos, a Greek man, was staying at a St Paul’s Bay hotel together with a friend back in April 2017, when police knocked at his door, acting on a tip-off about some “suspicious activity” taking place inside a particular guest room.
Upon entering the room, investigators came across two men seated at a desk with “a substantial number of mobile phones hooked up to a laptop” that was switched on, showing the website www.globalbilling.com.
All 28 mobile phones were making calls and in one of the browser tabs several numbers were noted, police officers subsequently testified.
The police found that the SIM cards were issued by Vodafone Greece, and were registered using Spanos’ name. Under interrogation, Spanos admitted the phones and SIM cards belonged to him. However, he denied he was responsible for a series of calls made to unallocated UK numbers, although they all originated on the phone numbers he controlled. These calls were said to have resulted in costs of EUR30,000 (USD32,300) to two Maltese operators, Go and Vodafone Malta. Despite the evidence presented…
…magistrate Donatella Frendo Dimech concluded that the prosecution failed to prove that the accused had made any gain from the suspect fraudulent calls.
Moreover, there was “nothing to suggest that the mobiles found were anything but normal mobile phones and communications made over Go and Vodafone Malta’s networks were lawfully made,” the court said as it ordered that the judgment be notified to the Police Commissioner for possible further investigations, to the Malta Communications Authority as well as to Europol and Eurojust.
Yates, who served 19 years as an officer of the New Zealand Police before he started managing fraud risks for telcos, highlighted the detrimental affect this judgment will have upon law enforcement.
While arbitrage is challenging to prosecute in most jurisdictions, this case certainly sets a precedent in Europe that encourages others to exploit services such as RLAH [Roam Like at Home] to generate income, knowing that this decision will likely result in local Police being reluctant to investigate future complaints.
The case also shows why telcos need to consider all the ways they can lose money.
This goes to remind us that prevention of arbitrage is just as important as preventing IRSF and Wangiri, as the financial losses can still be significant.
Yates went on to argue that telcos need to protect themselves by fully utilizing the data provided by anti-fraud databases including his own PRISM database of international premium rate test numbers.
This reinforces the value of having a robust Fair Use Policy and using tools such as the PRISM IPRN Database or the RAG Wangiri Blockchain (or both) to identify and block this type of abuse before it causes losses.
The website used by the alleged fraudsters is familiar to Yates.
In the Malta case, the website that was being used by the people who were ultimately charged at the time the Police visited them (www.globalbilling.com) was one I monitor, so it is likely I would have had the UK numbers used in my PRISM database. If we look at the financial loses (Euro 30,000) plus the Telco staff time spent investigating and preparing information for Police, plus the time spent by Police and the Courts in prosecuting the case, using tools like PRISM and the RAG Wangiri Blockchain, or any other prevention initiative, really is a no-brainer.
It often proves difficult to motivate law enforcement agencies to tackle ‘victimless’ crimes against telcos, even though the costs will inevitably be passed on to honest customers. That means telcos should do everything they can to prevent abuse before it can occur.