What is Toll Fraud?

Toll fraud is carried out by well-coordinated teams of criminals distributed around the globe. It exists across 200+ countries, all phone number types, and wide price ranges. The creation and reselling of number ranges is very dynamic - every week there are more than 10,000 new IRSF ranges being advertised.

Here are the steps fraudsters take to complete a toll fraud attack:

1. Fraudsters gain access to a PBX (Private Branch Exchange) or app that lets them place outbound calls.
2. Fraudsters place short duration calls to test numbers, provided by the international premium rate resellers, to find holes not blocked by the chain of telecom carriers.
3. Once a test number can be reached, fraudsters purchase an international premium rate number from the reseller.
4. Within 30 minutes, the attacker will create dozens of concurrent calls to the number(s) they just purchased.
5. The terminating carrier pays the fraudster according to a revenue sharing agreement.
6. The victim of the attack is required by law to cover the telecom charges carried out on their account.

There is no single solution to completely prevent toll fraud, so combating it requires a multi-pronged approach.

• Usage Triggers : Usage Triggers can be used to monitor the number of calls or minutes each day and alert you of abnormal patterns. It is important to continuously monitor your account and subaccount usage for any unwanted abuse.
• Voice Geographic Permissions : On the Voice Geographic Permissions Console page, navigate to the High-Risk tab and de-select any countries that have a checkbox enabled if you do not need to call these destinations. See Protect your account with Voice Dialing Geographic Permissions for more information.

• How to protect your account from toll fraud with Voice Dialing Geo Permissions
• Anti-Fraud Developer's Guide