White Paper Excerpt

Data Charging Bypass & Fraud – What’s the Problem?

Telecom fraud takes many forms, from identity theft and data privacy breaches to application fraud and phishing attacks. These threats are frequently highlighted in lists of the top telecom fraud activities. However, one type of fraud that receives little attention is data charging bypass—where users exploit loopholes in rating and charging rules to gain unlimited, free data access.

Exploiting zero-rated data access (e.g. promotional app access, essential educational or social services) to get data for free is once again a concern, as the number of promotions and zero-rated sites (domains) is increasing significantly. In one recent example, users accessed terabytes of ‘free’ data in a one-month period using a domain-fronting attack.

This type of fraud highlights a critical weakness: the ability of fraudsters to circumvent data traffic classification mechanisms within telecom networks, leading to revenue loss. Beyond financial impact, this also affects network service planning and policy enforcement. If data access is misclassified or incorrectly rated, the underlying business intelligence that telecom providers rely on for strategic planning becomes unreliable.

 

The problem cannot be solved simply by stopping or disabling zero-rated access policies in telecom services. Some zero-rated services may be mandated by the regulator or be necessary just to compete in the market. For example, in some countries (e.g. Brazil), access to social media sites like WhatsApp™ is expected by users and is almost universally zero-rated by the telcos.

In an environment where most users consider their mobile essential and the majority of services are primarily online, we will see the policy of zero-rating access continue and expand. But why does this lead to possible fraud? The answer is three-fold:

  • There are more services to exploit
  • Measures for enforcing what is being accessed are incomplete
  • Attacks are more sophisticated, and fraudulent users share information online, making the attack both viral and transient and the amount of data (gigabytes) that can be used much larger

From a revenue perspective, the cost of a single gigabyte (GB) of data varies significantly by region. In highly competitive markets, prices can be as low as $0.10 per GB, while in other regions it is well over $1 USD. Price per GB can be skewed by large data allowances, but an independent analysis puts the worldwide average retail price per GB at $2.59[2]. A single mischarged GB matters because it is potential revenue that the operator can’t recapture, but the larger concern is the multiplying effect on infrastructure and operational costs when a fraudster consumes much more data than an average user and promotes potential network charging vulnerabilities externally.

Users are sharing information and open vulnerabilities in online forums; one example is a user in Africa doing this with over 20k followers. Essentially, using pre-configured apps, they can make money from advertising by promoting gaps in enforcement.

The good news is that this type of fraud can be detected and stopped, and not just after the fact. In our next extract you will hear more about the types of behaviour we are seeing and how to detect this type of fraud.

But if you can’t wait and want to know more now:

Download our paper on Data Charging bypass fraud @ Link
Review our Enea capabilities for managing data traffic @ https://www.enea.com/solutions/traffic-management/

 
