Global Technology Pioneer Slashes SMS Toll Fraud Costs in High-Risk Countries Working with Arkose Labs

Discover how a global technology pioneer achieved a 72% decrease in SMS toll fraud spend in targeted countries. Download the case study to replicate its success!  

What You’ll Learn

• How a global technology leader uncovered large-scale SMS toll fraud across high-risk regions How attackers abused OTP flows with colluding carriers and premium-rate numbers, threatening the company’s operational stability in multiple countries.
• Why standard defenses could not stop increasingly adaptive attackers How bots, scripted attacks, and eventually human fraud farms evolved to bypass initial protections, requiring more sophisticated and proactive countermeasures.
• How Arkose Bot Manager provided deep, early-stage intelligence across all OTP-secured touchpoints How device data, network forensics, behavioral patterns, and global threat signals were combined to identify suspicious sessions and prevent fraudulent sign-ups proactively.
• How targeted enforcement challenges neutralized both automation and human labor How Arkose’s step-up challenges exhausted attacker resources, blocked pivots to human fraud farms, and reduced the economic viability of repeat attacks.
• How AWS integration strengthened security, scale, and reliability How AWS WAFv2, CloudFront, and AWS Shield worked alongside Arkose Bot Manager to filter malicious traffic early and maintain seamless performance for legitimate users.

FAQ

Why was SMS toll fraud such a severe threat for the company?

Attackers triggered OTP messages to premium-rate numbers secured through colluding telecom carriers. Each OTP resulted in inflated charges billed to the company. According to the Business Problem section on page 1, the scale was so large the company even considered shutting down operations in one country because fraud determined profitability.

How did Arkose Labs detect and stop the attacks?

Arkose Bot Manager analyzed device type, network data, behavioral intent, and geographic patterns to detect abnormal activity. When sessions appeared suspicious, Arkose presented interactive challenges that automation could not solve—and that human fraud farms could not sustain. The attack lifecycle diagram on page 2 illustrates how each attacker pivot was detected and neutralized.

How did AWS services contribute to the solution?

AWS WAFv2 filtered malicious traffic using managed rule groups, while CloudFront delivered global edge protection and DDoS mitigation. Together with Arkose Labs, the company gained an integrated security posture that blocked malicious OTP flows early without sacrificing performance or availability.

What long-term benefits did the company achieve?

As detailed in the Demonstrated Results section on page 3, the company strengthened detection accuracy, reduced support burden, eliminated human-farm exploitation of SMS flows, and improved top-of-funnel visibility. It also preserved a nearly frictionless login experience for legitimate customers while future-proofing its fraud strategy.