It’s midnight on a Saturday and the aroma of freshly brewed coffee begins to fill my kitchen.  A U.S. based Fraud Analyst, I’m anxiously awaiting a Skype message from my team of Field Application Engineers (FAEs) to alert me they are ready to begin the first day of a three-week-long Geolocation drive test project on the other side of the world.

“Bing.”  A notification resounds from my laptop.

Telecom Fraud Prevention with Fraud Analyst

It’s finally go time. Let the day (or night) begin…

Our FAEs have just been picked up by a local driver and the Versaradio™equipment has been loaded in the car. They show the driver a map on their computer screen indicating the suspect search area where they will begin drive testing.  This search area was generated by my Fraud Analyst team the previous week when we began receiving hourly fraud detection CDRs from the Operators.

Since then, my team has been monitoring the daily Minutes of Usage for each SIM Box operation to validate their active status. With this information, I identified which SIM Box operation was going to be our first target several days ago. With new detection CDRs sent hourly, our team continuously analyzes the most recent data and generates new suspect lists of fraudulent SIM Cards (IMSIs) and devices (IMEIs) to be uploaded by our FAEs to the Versaradio equipment.

Telecom Fraud Prevention with Fraud Analyst

Over the course of the night, I will be in constant communication with the FAEs, as the Geolocation process requires significant team work. Our FAEs are experts in using Radio Frequency (RF) signal and line-of-bearing measurements to determine exact GPS locations of SIM Box equipment, and our Analysts are experts in CDR analysis and identifying fraudulent behaviors hidden within the Versaradio™logs.

As Analysts, our most valuable skillset is analyzing the Protocol Signatures™or device fingerprints related to each IMSI and IMEI detected through the Versaradio™.  In Geolocation investigations, our team leverages our Protocol Signature™ technology to detect new fraudulent SIM cards that are actively being used for illegal voice termination through a SIM Box at the exact moment our FAEs are drive testing (we highly encourage operators to block or cut-off suspected SIM Cards as soon as they are detected to prevent further revenue loss, whicn often means that the IMSIs we received in the latest fraud detection CDRs have already been blocked by the operator).

So, as I sip coffee at my kitchen table, I continue to analyze the Versaradio™ logs in real-time and update the FAEs on my findings throughout the night. It doesn’t take long until I receive this satisfying Skype message:

Even after providing analytical support for hundreds of SIM Box busts across the world throughout the past 3.5 years I’ve worked for LATRO, I still get the same sense of thrill and accomplishment each time I receive this Skype message.  It’s one well worth staying awake in my kitchen until 4 AM to receive.

I type my response:

SIM Box Detection and Elimination - real pictures from the real world

Actual SIM Box Bust Pictures From The Project

“Hundreds of SIM cards for all operators”
“200 modems”
“10 SIM Boxes Found”
“One man arrested after he tried to flee the scene”
“17 SIM Boxes Found”
“7 DINStar SIM Boxes”
“Two men arrested”

And yet, the satisfaction only lasts a few moments.  I’ve been looking at the latest detection CDRs all night and I already know which SIM Box operation I want to find next.  We still have a lot of work to do.

So, I begin typing on my keyboard.


Over the next three weeks, my team proceeded to locate and bust 27 illegal SIM box operations across the country, helping our client recover an estimated $1.3M USD Revenue at Risk. From these busts, a total of 160 individual SIM Boxes, 2,901 Modems, and Thousands of SIM Cards were confiscated by the authorities.

Special thanks to the rest of our dedicated project team who ensured this project was a success!