Following a strong resurgence of IRSF (International Revenue Share Fraud) since the EU’s implementation of Roam-Like-Home, telcos have observed a dramatic increase in “Wangiri” fraud. In response, iCONX has developed and released new functionality aimed at identifying and combatting Wangiri.

What is Wangiri?

“Wangiri” (meaning“one ring and cut” in Japanese, where the fraud first originated) is essentially a callback fraud whereby inbound calls are sent (often in massive volumes) from expensive International premium numbers and immediately disconnected in the hope that those targeted will call back. The return call is almost always associated with an IRSF revenue share arrangement, which provides the financial motivation

“Wangiri A” refers to the inbound call, designed to tempt or “bait” the subscriber to call back

“Wangiri B” refers to the return call which is made by the subscriber, a certain percentage of whom either believe the call must have been legitimate, or are simply curious


Wangiri attacks often have a short lifecycle, between 2 and 4 hours, before ceasing again. They most often take place outside office hours, and/or across weekends or public holidays, when fraudsters judge that telco fraud teams are less vigilant to such attacks

Incoming numbers will be recognised as coming from a high-cost destination, and taken en masse the calls are likely to have an ACD (average call duration) of 0.00 or thereabouts

Call volumes tend to be very high. The fraud relies on a percentage of people calling back, and hence by increasing the volume of calls they hope to load the numbers in their favour.

iCONX solution

Via careful screening of incoming calls in realtime, iCONX now has the capability to quickly alert users to an incoming Wangiri attack. System alerts and notifications are issued through the standard iCONX reporting services functionality.

Note that in most customer installations, iCONX systems are polling the network in near realtime, with a continuous processing of traffic.

Via these methods, iCONX has the potential for much earlier detection of inbound Wangiri attacks when compared to a standard telco FMS (Fraud Management System), which may typically concern itself more with the Wangiri response, than the initial Wangiri baiting.

Direct interfaces to the network are enjoyed by iCONX customers of the Routing Optimisation solution, in order to provision new routing plans straight to the switch. In these cases, iCONX can directly offer a blocking interface so that the number ranges related to a Wangiri attack can be blocked

For more information please contact