It isn't just as simple as 'premium rate numbers'.
Some of the criminals behind these attacks will have access to the phone network. They'll pick an expensive route, like a range of phone numbers in Georgia (the country) from the USA, and offer a cheaper route to it. The system will start using their route for those calls. They'll accept all calls to that route, get paid, and never actually connect any calls.
That gives them a range of "normal" phone numbers which helps them avoid throttling on just one number. But they can be just as expensive as premium numbers to call.
At least, this is how it was explained to me as my team fought these attacks a couple years ago. We'd see calls to a large range of a few thousand numbers. Couldn't throttle on a single number.
I think you're conflating toll bypass fraud with IRSF. A grey route that never delivered any calls or only a fraction of them would have bad ACD numbers and people would not use that route. With hacked Asterisk/FreePBX boxes people usually call the international numbers described in OP and split the termination fee with some corrupt carrier/intermediary. There is a related fraud where people use the hacked Asterisk/FreePBX boxes to terminate calls, which from what I understand these actually have pretty good quality until the unwitting owner gets a $40,000 phone bill and shuts everything off. Traditional toll bypass fraud is when countries are expensive to call internationally but have cheap local calls, so people in those countries buy a bunch of sim cards, put them in a box with a bunch of gsm modems, and use those to basically "convert" an expensive international call to a cheap local call (and profit the difference between the two rates).
Edit: Oh, you're talking about number hijacking. I think they usually aren't offering termination services though, usually it goes hand in hand with the kind of fraud described in the OP.
> Traditional toll bypass fraud is when countries are expensive to call internationally but have cheap local calls, so people in those countries buy a bunch of sim cards, put them in a box with a bunch of gsm modems, and use those to basically "convert" an expensive international call to a cheap local call (and profit the difference between the two rates).
Is this really fraud? Is it fraud to offer any VOIP service, or only when it can connect to the phone network, like Skype?
I guess I could see how it might be against the T&C's of the telecom company, to offer a service that undercuts them, but hardly a criminal act of deception.
I consider it to be relatively harmless but how it is classified depends on the country. India is pretty cheap to call even absent simboxes but they still crack down on the practice for “national security reasons” because it makes tracking people more difficult. The UK (Ofcom) banned them outright for some reason a long time ago but that’s being appealed. In some African countries the laws are pretty vague and do not outright ban them, usually they charge people with “unregistered telecommunications business” or something like that.
Fraud is what the government decides it is, the governments have deemed this to be fraud.
Telecom companies don’t necessarily care about this, it’s often the governments who want to tax incoming international calls as an easy revenue source.
How is this a workable system!? Why would anyone pay them. This seems like fraud on the part of the phone networks for billing for service that was never provided or should have been provided cheaper.
while I don't agree with sanctions, this seems like the kind of time where you just block off a country/exchange entirely if you cannot have the confidence of what things cost to send there.
Some of the criminals behind these attacks will have access to the phone network. They'll pick an expensive route, like a range of phone numbers in Georgia (the country) from the USA, and offer a cheaper route to it. The system will start using their route for those calls. They'll accept all calls to that route, get paid, and never actually connect any calls.
That gives them a range of "normal" phone numbers which helps them avoid throttling on just one number. But they can be just as expensive as premium numbers to call.
At least, this is how it was explained to me as my team fought these attacks a couple years ago. We'd see calls to a large range of a few thousand numbers. Couldn't throttle on a single number.