Large operators began to miss fraudulent calls more often than small companies

Since the beginning of the year, the situation with the passage of fraudulent traffic by telecom operators has changed: the vast majority of calls began to come from the numbers of the largest companies, while in 2023 violations were predominantly on the side of small players. Experts explain the situation by the complexity of anti-fraud systems on the networks of large operators, as well as their more active distribution of SIM cards to increase subscriber bases.

Large telecom operators connected to the state Antifraud system (launched by Roskomnadzor in early 2023, all telecom operators must connect to it by the end of February 2024) began to miss fraudulent calls more often than small companies, according to data from one of the monitoring systems , which Kommersant got acquainted with. According to them, since January 1, most of the fraud passes through VimpelCom, MegaFon and MTS, in a number of regions – Tele2 and MTT (part of MTS).

According to one of the leading players in the Russian cybersecurity market, since the beginning of the year, the most popular codes among scammers are +7 (963) and +7 (906) (VimpelCom), +7 (990) (MegaFon), +7 ( 996) (Yota and Tele2). According to Tinkoff (which uses its own fraud monitoring system), the most popular codes this year are: +7 (900) and +7 (901) (Tele2), +7 (938) (MegaFon), +7 (958) (Rostelecom), +7 (914) (MTS). In 2023, Tinkoff says, scammers most often called from landline numbers +7 (495), +7 (499) and +7 (812).

In general, in January 2024, 19% of users in the Russian Federation encountered calls with suspected fraud, which is 5 percentage points higher year-on-year, said Kaspersky Who Calls analyst Vladimir Grigoriev. Yandex (developing its caller ID) says there was a 27% increase in unwanted calls in January.

Fraudsters continue to come up with new deception schemes, Tinkoff adds: “One of the most popular now is a call on behalf of a mobile operator, when the victim is offered to extend the contract, otherwise the SIM card will be blocked.”

MegaFon says that scammers continue to call both with a substitution of the number for the numbering of small operators that are not connected to Antifraud, and without substitution from SIM cards of large operators. Tele2 believes that as operators connect to Antifraud, the possibility of number substitution is reduced and fraudsters begin to make calls through real subscriber numbers. VimpelCom agrees that number spoofing has become more complicated, and fraudsters have begun to “use available operator products”: they gain access to the subscriber’s personal account and create several virtual numbers for fraudulent traffic. MTS did not answer Kommersant.

Update. After the publication of the material, the Ministry of Digital Development reported that the Antifraud system promptly informs operators about the need to block calls from spoofed numbers, but not all of them come from operator networks connected to the system. They can also come from legitimate SIM cards when communicating with a person, for example, using social engineering methods.

As the base of numbers that fraudsters can use from large operators grows, the likelihood of successful penetration of fraudulent calls through their networks also increases, says Pavel Kovalenko, director of the Informzashita anti-fraud center. In addition, he believes, it is more difficult for large companies with extensive networks to maintain the effectiveness of anti-fraud systems.

Kommersant’s interlocutor at the market explains the omission of fraudulent calls by large operators due to massive sales of SIM cards by the Big Four to increase subscriber bases. In addition, he clarifies, “the state has been putting significant pressure on small companies since last year, and this has had an effect.”

The subscriber verification procedure established by law can take up to 48 days, Roskomnadzor clarifies. During this time, the user has the opportunity to make calls for fraudulent purposes, while maintaining anonymity. Most often, the department confirms, SIM cards from large telecom operators are distributed illegally. At the end of the third quarter of 2023, MTS’s subscriber base grew by 0.75% year-on-year, to 80.8 million connections; at MegaFon, according to the results of the first half of the year, it grew by 1.3% (to 75.8 million subscribers). VimpelCom’s subscriber base in the third quarter of 2023 decreased by 4%, to 44.1 million people.

The state is already trying to expand measures to combat fraudulent traffic. Thus, the Federation Council (see “Kommersant” on January 25) is considering the possibility of qualifying the actions of persons associated with the circulation of illegal SIM cards as “illegal circulation of means of payment”, as well as strengthening administrative liability for operators for failure to comply with verification of subscriber information .

Tatiana Isakova