What should I expect when Bandwidth identifies a potential fraud event?


Stephen Thayer


Bandwidth generally monitors customer traffic patterns to detect any fraudulent activity that may be present on customer accounts that are enabled for outbound calling. This monitoring is primarily used to protect the Bandwidth network from fraudulent call traffic and isn't meant to replace network security measures within your own systems. As a courtesy, if our monitoring systems detect suspicious call traffic, we may generate a ticket to notify you of atypical traffic patterns associated with your account. 

If we detect an unusual activity, the Bandwidth NOC team may also place restrictions on the IP addresses associated with the suspect traffic. They'll notify you via a ticket, informing you that a potential fraud event has occurred. In this ticket, you'll find Call Detail Records (CDRs), providing details about the call traffic in question, along with any action we may have decided to take.

In order to have any IP restrictions removed, please take the following actions:

1. Review the attached CDRs to determine if the activity is indeed fraudulent.

  • If you determine that the traffic is legitimate, please update the ticket stating the traffic isn't fraudulent and that you accept the charges.
  • If you determine that the traffic is fraudulent, please:
    • Isolate and remove the source of the traffic from your network.
    • Update the ticket stating the traffic is fraudulent and that you accept the charges, as well as describing what mitigation steps you've taken to stop the fraudulent event.
  • Please be aware that regardless of the origin of the traffic, under the terms of your agreement Bandwidth customers remain responsible for any charges associated with the event.

2. Once you've updated the ticket, our technicians will be notified to remove the restrictions which may have been applied to the affected IP addresses.

Note: Bandwidth monitoring should never be used in place of security measures on your local network, and we encourage all customers to have adequate security features and monitoring in place to protect their networks from fraudulent calling.

Article is closed for comments.