Perpetrators carrying out transnational telecommunications fraud originally came from Taichung. The typical pattern of attack is Taiwanese fraudsters relocate to a third country, such as Cambodia, to lure victims living in another country, such as China, to hand over money to local mules in person or deposit it in a local bank or virtual service account.
Initially, these fraudulent activities ran on telecommunications networks that required strong authentication, but since 2006, fraudsters have learned to exploit voice-over IP technology to evade detection and tracking by law enforcement agencies.
More recently, they have evolved to leverage more modern communication tools such as short message service, Facebook and other social networking sites.
As telecom fraud has grown more sophisticated and proliferated, it has become a major social problem. As a result, failure to eradicate telecom fraud has consistently ranked very high on surveys of public complaints about the government.
To curb telecom fraud, the National Communications Commission said it has urged telecoms to adopt the following two measures. First, the system should automatically block calls originating from numbers that have been blacklisted in a government-managed anti-fraud database. Second, when an incoming call begins with the numbers “+886,” indicating that the true source caller ID is masked, the system should display an alert to notify the callee.
Although these two measures might be helpful in stopping telecom fraud, they are not enough. Instead, the telecommunications industry should consider this pain point as a business opportunity, and take the initiative to leverage the massive amount of information available and the unique service position of a telecom to develop an easy-to-deploy solution that could solve the problem.
The following are three ideas that could effectively stop telecom fraud. They can operate independently, but also complement one another.
The first is to aggressively detect phone numbers that perpetrators use to carry out telecom fraud based on their specific usage patterns. Telecom fraudsters need to continuously make tens or hundreds of phone calls a day before they succeed in defrauding someone. As such, the caller’s number usually shows a unique combination of the following three call patterns: (1) the number of calls it makes within a unit of time is many times higher than that of phones used by ordinary people; (2) the numbers it calls are rarely repeated, and the callee numbers are not correlated in any obvious way; and (3) it rarely receives calls.
Based on the above patterns, after a telecom allocates a phone number to a new user, it should keep track of the usage pattern of this number for a period to determine whether it is being used for fraud.
The operator could work with law enforcement authorities to carry out an in-depth content analysis of some of the calls initiated by a suspect number to ascertain whether it is indeed being used for fraud. The implementation of the above mechanism is relatively straightforward, and the false positive rate is likely to be close to zero.
Telecom fraudsters take advantage of victims’ confusion and panic to induce them to make rash judgements. To combat this, telecoms could, using the latest telecom fraud techniques, mount high-fidelity simulated attacks on a target user, and, after each drill, explain to the “victim” the attacker’s specific techniques and their mistakes in the process, thereby enhancing each target user’s overall readiness to handle real-world fraudulent calls.
A similar drill mechanism has achieved great success in protecting users against malicious e-mail attacks, and should be equally effective in improving users’ immunity against telecom fraud. Moreover, since telecoms have access to subscribers’ personal information, they could leverage this to increase the degree of believability of simulated fraud attacks.
The third is to deploy a robot telephone assistant to answer calls from a unknown number, filter out fraudulent, advertising, sales or harassing calls, and then decide whether to transfer them to the user it serves. To do its job well, this robot assistant must keep abreast of the latest wording, routines and tricks used by telecom fraudsters. It should also have the capability to identify the caller’s organization, look up the organization’s number and call back. Such call-back capability would significantly increase the difficulty of perpetrating telecom fraud.
With the advent of ChatGPT, people are worried that telecom fraudsters might use the technology to automate and scale up their operations. However, the good guys could apply the same ChatGPT technology to, for example, facilitate the implementation of the three anti-telecom-fraud ideas described above.
In the constant technological tug-of-war between telecom fraudsters and their nemesis, which side eventually wins out would depend critically on the extent to which they could innovate on top of ChatGPT.
Chiueh Tzi-cker is a joint appointment professor in the Institute of Information Security at National Tsing Hua University.
On May 7, 1971, Henry Kissinger planned his first, ultra-secret mission to China and pondered whether it would be better to meet his Chinese interlocutors “in Pakistan where the Pakistanis would tape the meeting — or in China where the Chinese would do the taping.” After a flicker of thought, he decided to have the Chinese do all the tape recording, translating and transcribing. Fortuitously, historians have several thousand pages of verbatim texts of Dr. Kissinger’s negotiations with his Chinese counterparts. Paradoxically, behind the scenes, Chinese stenographers prepared verbatim English language typescripts faster than they could translate and type them
More than 30 years ago when I immigrated to the US, applied for citizenship and took the 100-question civics test, the one part of the naturalization process that left the deepest impression on me was one question on the N-400 form, which asked: “Have you ever been a member of, involved in or in any way associated with any communist or totalitarian party anywhere in the world?” Answering “yes” could lead to the rejection of your application. Some people might try their luck and lie, but if exposed, the consequences could be much worse — a person could be fined,
Taiwan aims to elevate its strategic position in supply chains by becoming an artificial intelligence (AI) hub for Nvidia Corp, providing everything from advanced chips and components to servers, in an attempt to edge out its closest rival in the region, South Korea. Taiwan’s importance in the AI ecosystem was clearly reflected in three major announcements Nvidia made during this year’s Computex trade show in Taipei. First, the US company’s number of partners in Taiwan would surge to 122 this year, from 34 last year, according to a slide shown during CEO Jensen Huang’s (黃仁勳) keynote speech on Monday last week.
On May 13, the Legislative Yuan passed an amendment to Article 6 of the Nuclear Reactor Facilities Regulation Act (核子反應器設施管制法) that would extend the life of nuclear reactors from 40 to 60 years, thereby providing a legal basis for the extension or reactivation of nuclear power plants. On May 20, Chinese Nationalist Party (KMT) and Taiwan People’s Party (TPP) legislators used their numerical advantage to pass the TPP caucus’ proposal for a public referendum that would determine whether the Ma-anshan Nuclear Power Plant should resume operations, provided it is deemed safe by the authorities. The Central Election Commission (CEC) has