Account Takeover Fraud in Telecom – 4 Things to Watch

My last post introduced the topic of subscription fraud in telecommunications. Here, I will broaden the focus to include account takeover fraud.

As CSPs have looked to introduce additional controls and checks at the front-end onboarding process, fraudsters have moved to account takeover. As with onboarding, the customer experience and convenience are king for upgrade and re-sign processes. CSPs have taken steps to simplify account access for existing customers, but this also gives fraudsters a chance to systematically test for weaknesses to exploit.

In the case of account takeover, there are a number of factors that CSPs should look out for when existing customers place new orders. These include:

• Recent changes to the account, such as home and delivery addresses, email, password or other credentials
• Age of customer, as older account holders are more likely to be victims of fraud and may be more susceptible to social engineering
• Exceptional spend — devices with significantly higher value than the customer’s previous
• Problems in particular delivery areas — effective liaison with delivery contractors and couriers can help here

Of course, there are multiple other factors which come into play and, whilst business rules can be used to add controls, these will add barriers to the genuine customer that wants to transact. They’ll also become obsolete pretty quickly as fraudsters change tactics after hitting the barrier. Effective analytics should be used to properly understand the relationships within the data and their likelihood of being indicative of fraud.

In my next post I’ll look at analytics that can help CSPs manage subscription fraud and account takeover fraud.