False Answer Supervision (FAS)
What it is:
An attack that makes a call without customer interaction and begins billing the account with a connected but silent signal.
Calls intentionally begin billable minutes before the customer is aware of the call.
- Three types:
- Ringing is sent with an answer response, it starts billing before the customer answers
- Attacker connects a call and plays back ringing recording to keep customer connected
- Customer ends call; attacker will not release the call and customer is unaware
Customer will be charged connected minutes unknowingly
How to Start Prevention:
Review the CDRs on the account.
Look for a high frequency of short calls in an unusual period of time
PBX will also show an unusual amount of use
FAS refers to the scenario where the answer signal of a call is modified and charged for non-conversational call time. There are three general types of false answer supervision:
The carrier returns the answer signal when ringing starts, rather than when the customer answers. This increases the duration of the call, and therefore the cost of the call. A call may even be charged despite being dropped due to no answer.
The more fraudulent variant of this scheme involves call diversion. Here, the fraudulent carrier will route the call to a recorded message that plays a ring tone and then a recording. This is intended to keep the calling customer on the line and paying for the call as long as possible.
The third example of FAS is when a call is not terminated when the recipient hangs up and waits for the caller to disconnect. During the period between the recipient disconnecting and the caller disconnecting, the caller is billed.
FAS is particularly problematic because it preys on unsuspecting customers, resulting in high VoIP bills and, subsequently, high dissatisfaction with the telecom provider. To detect these calls, companies should look for short phone calls where the calling party hangs up nearly 100 percent of the time.