Honey Badger

Wangiri 2.0 scam. Is your business protected?

Administrator
Blog

I know what you’re wondering. Wangiri. What the heck does that mean?

It’s a Japanese word meaning ‘one (ring) and cut’. So called because fraudsters make one ring calls to consumers from high-rate overseas numbers. Curious consumers see a missed call from an overseas number and call it back, thus a call is made to the high-rate number and revenue is generated for the fraudster. The fraudster may attempt to keep the consumer on the call for longer via an Interactive Voice Response (IVR) system. Afterall, time is revenue in the dark world of telephony fraud.

That’s Wangiri, but what is Wangiri 2.0?

It’s like Wangiri but better, or worse, depending which side you’re on. A key difference is that Wangiri 2.0 is targeted at businesses rather than consumers. Furthermore, it’s a lot less obvious and can go undetected for months or even years. There are also a few flavours of Wangiri 2.0 to make things more interesting.

Be aware that you’re at risk whenever you collect phone numbers for the purpose of making a call or sending an SMS. Let’s take a deeper look at some common Wangiri 2.0 attacks

Contact forms (especially those used to request a call back or collected for sales purposes)

It starts with a simple online form and ends with a big phone bill. Fraudsters will complete your form and enter a high-rate overseas number to reach them on. Then do it again, and again, and you get the idea…

From there they just wait for you to dial the number. Larger companies and those operating internationally can be even more at risk since it might not be unusual to see an overseas number. Sales and business development teams usually have a higher likelihood of making outgoing calls to these numbers in the pursuit of following up on a hot new lead. To make matters worse it’s not uncommon for organisations to use an autodialer that initiates the call then subsequently connects a staff member. This removes the opportunity for due diligence to be performed prior to making a call.

Protect yourself from Wangiri 2.0

Enter your email address and we’ll send over some information on how to stay protected.

One-time passwords (delivered via voice or SMS)

Whilst one time passwords protect you from other types of fraud, they unfortunately create new opportunities for Wangiri 2.0. It’s an attack so simple it could be described as scary 😱. This attack happens when you collect phone numbers to push one-time passwords by SMS or voice call. The fraudster will signup to your service  (often using a bot) and enter an overseas high-rate phone number. The SMS or call you make to issue the one-time passwords won’t be cheap and the fraudster will generate revenue with every code that’s sent. Thousands of one-time passwords sent to high-rate numbers will quickly ruin your day, and probably your budget too.

With both of these approaches fraudsters will write scripts to automate the process as much as possible. They will also use different numbers and may continuously trickle submissions into your system.

For many organisations this results in Wangiri 2.0 going undetected for quite some time. Costs won’t even be recognised as fraud, instead they are disguised under sales, marketing, customer service and hosting/operational costs.

Of course, the savvy among us aren’t content with just being aware of Wangiri 2.0, we want to stop it too. Good news, Honey Badger can help. Our Number Intelligence service will scan phone numbers you’ve dialled previously to detect and measure the extent Wangiri 2.0 is happening in your organisation. Or, simply use our APIs or form validation widget to analyse numbers prior to form submission, sending an SMS or before making a call. Every phone number is instantly checked against millions of known high risk numbers and a risk score is returned.

Honey Badger HQ

Subscribe to the Badger Blog

Related Posts

CloseMenu

Partner with us

Complete the form below and we’ll be in touch to kick off a discussion. 

Account Servicing

Stop fraud and improve customer experience during account servicing by eliminating SMS One Time Passwords (OTP). Instead, leverage phone based SIM authentication which involves comparing data generated by the Mobile Network Operator (MNO) with mobile device session data. This provides a foolproof way of proving that an individual is in possession of their two-factor device.

Benefits

This new approach to authentication isn’t susceptible to SIM swap attacks and doesn’t require the user to enter a password. Ultimately, account takeover attacks are blocked, while customer experience is improved and the time taken to service a request us reduced.

Made for

 LENDERS   ONBOARDING   AUTHENTICATION 

Get started via

 EMBEDDABLE WIDGET   API 

Pricing

 PAY PER AUTHENTICATION 

Request a demo

Contact Data Cleaning

Contact Data Cleansing verifies that the contact and personal information you hold isn’t out of date or inaccurate. Data is compared against the information held on file by Mobile Network Operators (MNOs). Whether processing a single record or sanitising thousands of records in batch, you’ll quickly identify bad data.

Benefits

The case for maintaining up-to-date records goes way beyond good practice for compliance and regulatory reasons. It’s critical to ensuring customers are contactable. Furthermore, it reduces security threats by ensuring communications aren’t sent to the incorrect individuals.

Made for

 LENDERS   FINTECH  KYC 

Get started via

 WEB INTERFACE   API 

Pricing

 PAY PER RECORD CHECK 

Request a demo

SIM Swap Detection

SIM Swap Detection is a critical step in stopping account takeover. Why? Because account takeover attacks commonly exploit the ease of which a phone number can be stolen by simply assigning it to a new SIM. This allows bad actors to intercept communications, such as SMS one-time-passwords (OTP), which are used by 93% of enterprises worldwide to verify customers.

Benefits

SIM Swap Detection instantly and silently checks the history of a SIM card to see when it was last swapped. Recent swaps indicate high risk of fraud, allowing you to take appropriate action, such as failing verification or requesting additional security procedures are followed.

Made for

 FRAUD PREVENTION

Get started via

 WEB INTERFACE   API 

Pricing

 PAY PER SIM SWAP CHECK 

Request a demo

Social Trace

Social Trace significantly reduces the risk of losing contact with your customers by diversifying communication channels. Simply drop the Social Trace widget into your onboarding workflow and allow customers to connect one or more social channels with just a click.

Benefits

Lenders who capture social channels are significantly less likely to lose contact with their customers. Why? Because different demographics prefer to engage over different channels. This is particularly important when it comes to collections. Initiating contact over different channels increases your chances of getting a response, which in turn increases the likelihood of resolving late or non payment. 

Made for

 LENDERS   ONBOARDING   COLLECTIONS

Get started via

 EMBEDDABLE WIDGET 

Pricing

 MONTHLY FEE 

Request a demo

Mobile Fraud Check

Mobile Fraud Check allow you detect fraud indicators using data provided by Mobile Network Operators (MNOs). Key checks include device overseas, call forwarding, SIM swap, a high risk number database lookup and much more.

Furthermore, Mobile Fraud KYC allows you to verify a person’s firstname, lastname, date of birth and postcode against the data held on file by MNOs. Since MNOs conduct their own KYC checks on new customers, it gives you the ability to match personal information you collect against a trusted and verified source.

Benefits

Mobile Fraud Checks happen instantly and with zero customer friction. The data held by MNOs is often more recent and reliable than other data sources and a level of granularity is provided,  allowing you to see how many and which KYC fields matched.

Made for

 LENDERS   ONBOARDING   FINTECH  RISK ANALYSIS

Get started via

 WEB INTERFACE   API 

Pricing

 PAY PER LOOKUP 

Request a demo

Mobile Data for Credit Risk

Mobile Data for Credit Risk delivers the data required to predict credit risk based on a persons mobile phone information. Key data attributes include the network provider, line type, and KYC match information. Working in partnership with lenders we’ve been able to clearly identify correlations between this data and the likelihood of a loan going into arrears.

Benefits

Open Banking Vs Mobile Data. Which is the most effective in predicting bad borrowers? A recent project with a UK lender compared a risk model built with Open Banking against a model built with Honey Badger’s Mobile Data. The results showed that both models outputted almost identical risk scores. The difference? Mobile Data could be deployed immediately with no customer friction required to calculate a risk score.

Made for

 LENDERS   ONBOARDING  RISK

Get started via

 EMBEDDABLE WIDGET   WEB INTERFACE   API 

Pricing

 PAY PER LOOKUP 

Request a demo

Geo Authentication

Geo Authentication™ provides frictionless identity verification that reduces abandonment rates. Users simply select images that they recognise from nearby to their address. In built anti-fraud controls ensure that valid users can complete the challenge whilst bad actors are blocked.

Benefits

Leading lenders such as Amplifi Capital use Geo Authentication during applications as an alternative to more intrusive identity verification checks, such as document uploads, that cause high friction and lead to increased dropouts. Completion rates with Geo Authentication are 28% higher and have subsequently helped drive an increase in revenue for the business.

Made for

 LENDERS   ONBOARDING   ACCOUNT RECOVERY 

Get started via

 EMBEDDABLE WIDGET   WEB INTERFACE   API 

Pricing

 PAY PER AUTHENTICATION CHECK 

Request a demo