Terry Powell, CCSP, CFCA Board Director and Sr. Security Specialist, Lumen
Toll Free Traffic Pumping……..it’s nearly a household term, or at least an industry term now since most people in the telecom space of the United States has heard of it, or has been a victim of it either directly or indirectly. It’s a cash grab of the 2010s that’s taken full advantage of the compensation structure and vulnerabilities of the Toll Free product. But not many people really know how it truly impacted the various members of fraud, support, and NOC teams.
After researching archived emails, the former Level 3 and a couple of other telecom companies in the U.S. actually first learned about this type of scheme back in 2009, when at least a version of it was coined “8YY Dip Compensation Fraud”, introduced to us by AT&T. I recall having meetings with AT&T and Vonage regarding this new problem that had us baffled on why it was occurring. After a bit, it seems to have subsided until a bigger wave of it started in 2010 with AT&T customers, via customer complaints. At that point, it was possibly discovered that it wasn’t just dip compensation that these fraudsters were after. It was also per-minute originating access fees that were sought, with longer duration calls. As mentioned in several presentations, it wasn’t until early 2012 until AT&T scheduled meetings with the top Toll Free carriers (former Level 3, former CenturyLink, Verizon, and Sprint), laying out how this scheme worked, and sharing call detail information with the carriers, illustrating what the perpetrators were doing. At this point, it was being called “Toll Free Traffic Pumping, as we know it today. Also as mentioned in our presentations, AT&T could see everyone else’s traffic because the fraudsters were pumping all of this traffic through AT&T’s interconnects in California.
Back to the impact, as the multiple waves of complaints from both carriers and customers were growing, the positions of being a Fraud Analyst, Fraud Investigator, Fraud Manager, Fraud Specialist, Customer Service Agent or NOC/Fraud/Voice Technician was slowly eating at our souls. This was a nightmare at all levels of the callflow, except the originating CLEC/SIP Termination providers that were launching the calls. Speaking from firsthand experience, there literally were days where I’ve done nothing else but field complaints, run countless queries, launch fruitless referrals, and had sometimes heated meetings with customers, industry colleagues, and internal stakeholders from the time I logged in until I left for the day. The complaints at times were so numerous that there were days that no lunches were taken, and overtime was almost the norm rather than the exception. Numerous days have come and gone with the feeling of hopelessness and numbness, similar to how medical workers felt dealing with COVID-19 patients with a limited staff, I imagine, minus the emotional toll. The issue was so stressful at one period that it was communicated from a couple of providers that some members of their staff either quit or changed departments.
Looking at the daily onslaught of complaints, I knew that this was just phase one of the issue. In just the next month from that point, customers were ultimately going to be charged for the usage that was occurring, then we engage in continuous collaborations with the Customer Financial Services group in dealing with likely disputes. Most providers have policies that customers are ultimately responsible for any toll usage affecting their services. Because of this, a few large Toll Free customers shuffled some or all of their services to other providers that they perceived to be better at handling this crisis, but judging by carrier membership of the current Toll Free Traffic Pumping Taskforce, seems that there weren’t many places that they could go to escape the problem.
Meanwhile there’s this little thing called International Revenue Share Fraud (IRSF) that certainly didn’t take a backseat to this. This was still going strong and was always ubiquitous like the wallpaper on your PC, with loss numbers climbing a bit since our attention was taken away slightly by this other immediate problem that was growing rapidly and grabbing everyone’s attention. Eventually, we in the fraud management operations group at the former Level 3 had to informally implement a ‘Divide and Conquer’ strategy in addressing our daily tasks, where usually everyone wore all hats for all tasks.
Leveraging Law Enforcement
The industry owes a great deal of gratitude to Invoca, who has thousands of Toll Free numbers and was probably impacted more than most. Invoca reached out directly to the FCC regarding this issue, and organized a weekly meeting with them and the former Level 3 for updates. This is something that could be difficult for even the larger carriers. The FBI-Philadelphia office was quickly pulled into the meetings, since there was a case opened with them. Once the information was provided to them, the law enforcement agencies began to send inquiries and subpoenas to the providers that appeared in the tracebacks. Although there were no arrests or fines ultimately, the inquires were significant enough to scare a few providers into removing the bad actors from their platforms, vastly reducing the volumes of these artificially generated calls.
Current day, we’re now looking forward to the 8YY Access Charge Reform issued by the FCC to take effect on July 1st. This order is designed (among a couple of other things) to transition originating access fee charges to bill-and-keep, and transition 8YY database query dips to $0.0002 per call. Both components will take affect over 3 years, but we’re hoping that they are in effect very early in that broad 3-year window. I think I speak for everyone in that we’re all hoping that this will be the silver bullet for this issue and TFTP will just be a case study for future fraud mitigation analysis.