New IRSF Data Shows There Are No ‘Low Risk’ Destinations Any More

International revenue share fraud (IRSF) is now spread far more widely than a year ago, according to data shared with Commsrisk by renowned expert Colin Yates (pictured). As a consequence, Yates’ anti-fraud business is now monitoring more than twice as many numbers as it did 12 months ago.

Yates’ method involves tracking the test numbers used for international premium rate (IPR) calls, because these provide an early warning system for fraud. Prior to launching an attack, fraudsters will first confirm if they can reach test numbers, and will only then apply for an international premium rate number (IPRN) and pump traffic towards it. Since April 2019 there has been an astonishing 115 percent increase in the test IPRNs that Yates is forced to monitor. Most of this growth has come from a proliferation of test IPRNs associated with countries previously regarded as ‘medium’ or ‘low’ risk.

Countries like Cuba and Latvia often top the lists of destinations for IRSF fraud, but Yates’ new data challenges the belief that telcos only need to monitor the countries that have historically caused most problems. The top 10 destinations for IRSF fraud were linked to 45 percent of test IPRNs advertised in 2017. Now they represent less than 20 percent of the total.

Whilst Cuba has slid down the charts, middle-ranking countries like Slovenia have jumped up. But more important than the placing of countries in Yates’ rankings is the rising total of test IPRNs for countries near the bottom of the charts. To illustrate, Yates had the Netherlands down as the 156th most risky country per his figures on 3rd April 2019. Now the number of test IPRNs terminating in the Netherlands is more than eight times higher. This would have been sufficient to put the Netherlands in the top 20 in April 2019, but only places them at 67th today.

Telcos wanting to speak to Yates about the changing risk profile for IRSF fraud can reach him here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.