Telecom fraud is quietly one of the largest revenue drains in the global economy. Industry analysts put the annual cost in the tens of billions of euros, and the attackers behind it are getting faster, smarter, and harder to spot. The good news? So are the defenses. Here's a look at the patterns we see most often in 2025, and how AI-driven fraud detection is shifting the balance back in favor of legitimate operators.
The Attack Patterns We See Most Often
Three families of attack make up the bulk of what hits modern voice networks. International Revenue Share Fraud (IRSF) hijacks PBX systems and call routing to dial expensive premium-rate numbers controlled by the attacker. Wangiri ("one ring and cut") campaigns generate huge volumes of short calls hoping the recipient will dial back to a premium destination. And SIM swap chains increasingly feed into mobile-originated fraud, bypassing two-factor flows that businesses thought were safe.
What ties them all together is speed. A successful IRSF attack can drain six figures in a single weekend before anyone notices. By the time the bill arrives, the money is already on the other side of a settlement chain that's nearly impossible to claw back.
Why Rule-Based Defenses Aren't Enough Anymore
For years, fraud teams relied on static rules: hard ceilings on calls per minute, blocklists of known premium ranges, alerts on traffic to specific countries. These rules still matter, but attackers have learned to live just under the thresholds. They spread traffic across multiple destinations, time bursts to overnight windows, and rotate through premium ranges faster than any analyst can blocklist them.
Manual review simply can't keep up with the volume. By the time a human notices the anomaly in a daily report, the damage is already done.
How AI Changes the Game
At GlobalXess we run continuous behavioural baselines on every account: typical destinations, typical hours, typical call duration distributions. Anomaly detection then flags traffic that breaks the pattern in real time, not at the end of the billing cycle. When the confidence is high, suspicious traffic is throttled or blocked automatically; when it's borderline, it goes to a human reviewer with full context attached.
The result is that almost all fraud attempts get caught in their first few minutes, long before they turn into a financial event.
What This Means for You
Fewer disputed invoices. No 3 a.m. phone calls about traffic spikes you didn't authorize. A reputation with your customers and partners that doesn't take a hit because your numbers were briefly weaponised against them. And, frankly, fewer of those uncomfortable conversations with your CFO about a five-figure bill that nobody can explain.
Fraud isn't going away. But with the right defenses in place, it doesn't have to be your problem.