“Where telecom fraud is going right now is phenomenal — the recession has increased the volume of telecom fraud significantly,” says Houle, vice-president of corporate security at Bell Canada. “In North America we’re looking at between US$72 and $80 billion a year in telecommunications fraud loss.”

Those numbers are based on a 2009 survey conducted by the Communications Fraud Control Association. Bell has seen an increase in several kinds of fraud this year, including  a new type where hackers will actually open up Bell interconnection boxes in residential streets and with electronic devices connect several lines in parallel.

They were able to stay below Bell’s radar by spreading the fraud over several lines at once.

“It took us a while to pinpoint how this was happening. It increased our total fraud by a factor of six until we discovered and cut the line before it started,” he says.

Criminal gangs are increasingly using phone hacking as a way of setting up their own cut-rate telephone services which they sell on the black market, from other criminals to illegal immigrants and refugees.

Generally speaking, he says, telecom fraud is up 15 to 20 per cent. In Canada, the victims have mainly been customers that have been defrauded by hackers looking to steal identities through subscription and ID theft.

“These are people who will show up at our stores or call 310-Bell with no intention of paying for services. They will use a false identity and when we bill them we never receive any money back — it’s subscription fraud and by far the most prevalent type of fraud,” he says.

The second most popular type of telecom fraud is not as well known but represents about 20 per cent of all fraud Bell deals with — PBX voice mail hacking.

“A lot of small companies have a PBX and don’t have the knowledge to secure it properly and it gets attacked by hackers who will make long distance calls overnight to countries abroad,” explains Houle.

A hacker making a long distance call is usually connected to organized crime. They will put a PBX in front of that PBX and essentially sell, at a cut rate, long distance calls abroad to criminal networks using small company’s systems and only realize they’ve been defrauded when they receive their bill. This year a small law firm made headlines when it was defrauded by over $200,000 in one weekend alone.

“The company was accusing us of having insecure networks but we were able to prove to them that it was their PBX that was not secure,” says Houle. “Small companies who get defrauded that way get their bill and they can’t pay. If we take them to court to force them to pay they go bankrupt so either way we don’t get paid.”
The only recourse is for Bell, Telus and other telephone companies to get better at detecting these types of fraud and this is what Houle and his team are focused on right now.

“We are also going one step further and will be providing security awareness campaigns for our customers,” he says.

Spam also remains a huge headache for Bell and its customers.

“Right now the number of spam messages is out of control. About 93 per cent of all emails sent to Bell Internet customers through Sympatico are spam or virus messages. We filter that before it reaches the customer, but still there is a lot of spam going on. We are the victims of spam and so are banks where hackers will use our brand. They tell a customer there is something wrong with their account and tell them to go to that link and enter their password and this goes on all the time,” he says.

When Bell knows this kind of spam is going on it blocks the web address individuals are being directed to, but it takes a while for that to kick in.

“There’s always a couple hundred people who will fall into the trap so we are investing in new equipment on brand protection and we are considering offering that service to our customers such as the banks,” he says.