“Hello, and welcome to Humbug Telecom Labs, for more information about Humbug please press 1. If you would like to learn more about telephony analytics, please press 2. For information about telephony fraud and how much money you may be wasting every day, please press 3. For all other inquires, please press 9 or hold for the operator…”

Did you know that most modern PBX systems can be exploited? were you aware that your cellphone voicemail box can be exploited as well? If you had reached this blog, then most probably call analytics and fraud analysis interest you in some way and you’ve come here to learn a bit more.

Customer: How in !@$!@$ this my office phone bill reach 8000$???
Customer Care: Well sir, I can see that you’ve made over 2000 calls to Cuba.
Customer: Cuba? are you kidding me? we never call Cuba!
Customer Care: I’m sorry sir, it would look as your PBX got hijacked!

Sounds far fetched to you? well, it’s not all that far fetched at all. According to the CFCA, the global profit leakage due to fraud is estimated at a whooping 80B dollars a year. Telephony fraud alone is estimated at a cool 30B$ per year. This information is publicly available on their website, or just download this PDF. In Israel alone, where our development team is located, Nir had identified over 0.5M$ worth of profit leakage due to telephony fraud in the last 6 months – and was not even a country wide survey. In other words, telephony fraud was always here, we were simply unaware of its ramifications on our business and day to day life.

The conspiracy behind telephony fraud

If you ask people in the industry about telephony fraud, they would more or less negate the issue with: “well, it’s here, but it’s not as big an issue as it may seem”. In addition to that, if you ask the various carriers around the world for their fraud percentage, they will never give you a definite answer – simply because admitting publicly and openly that your systems are susceptible to fraud is like saying: “don’t do business with me!”. Imagine that Verizon or AT&T would admit that their cellular networks can be utilized to “steal” money from their mobile subscribers – there would be a massive fall out of customers all over the place. So, in this case, everybody keeps their mouths shut, and simply continues on with their day to day life, simply ignoring the problem – maybe if we’ll ignore it, it will go away. So, the carriers utilize organizations such as FIINA, CFCA and VoIPSA in order to communicate among themselves regarding these issues, however, the public is never exposed to these – we rely on our carriers to protect us, when in fact, they are as naked as we are – only they are aware that they are naked.

The Humbug Manifesto

  1. The Humbug project is a community oriented project and as such regards itself as a “Do No Evil” project.
  2. The Humbug project members are governed by a strict code of conduct – we never utilize your data for anything other than performing the analytical tasks required.
  3. All our analytical agents are fully open sourced – so you can see that we don’t do anything malicious to your systems.
  4. All your data is kept encrypted on the system – encryption keys are kept off the normal system, so even if the data is compromised – it can’t be used.
  5. The following will never be a part of the project model or related business models:
    • Selling information to a 3rd party.
    • Doctoring information.
    • Dealing in customer related data.
    • Exposing data to 3rd parties.
  6. We will never promote or endorse a certain vendor over another, Humbug is vendor agnostic.
  7. We see ourselves as Open Source community enablers and promoters, as such we will always abide by the rules of the Open Source licensing terms and agreements, for each the respectable Open Source projects we utilize in our platform.