Toll Fraud - How Secure Are You?
Posted on 31st October 2017 at 14:27
Toll Fraud/Phone Fraud costs businesses in the UK £1.2 billion each year (CFCA 2013) and is an ongoing threat to us. Often, we do not realise that we have been a victim of this cybercrime until we receive an extortionate telephone bill. In this month's blog we will look at how you can protect your telephone system and reduce the risk of you being attacked.
Toll fraud is unauthorised access to your phone system by fraudsters who then sell this service to people who want to make long distance calls charging less than what the genuine service providers would do, making themselves a nice profit in the process. It also comes in other forms.
Types of Fraud
Unauthorised calls by individuals with physical access to your telephone system
Malicious disruption - hackers who deliberately manipulate tools, not for fraudulent reasons but because they want to cause mischief and or to exploit security systems
Organised crime - sophisticated hackers who are looking to generate money quickly
How do they do it?
Hackers can scan the internet looking for IP addresses and also telephone systems with security weaknesses or which haven't been configured properly
Hackers will typically target holiday seasons such as Christmas, Easter and Bank Holidays when the office is quieter and closed for a longer period of time.
The time period 2am - 6am is particuarly popular as most businesses will not be operating as normal and fraudulent activity is more likely to go ahead.
How can you protect your phone system
Barr international calling if your company does not need it. If international calling is required, your system should allow you to block certain country and city code combinations
Change your phone system & voicemail passwords reguarly and don't use obvious combinations such as 1234 or your extension number
Even during company business hours, limit system and remote access to authorised personnel only
Restrict all outbound after hours calling
Educate your employees. If they receive suspicious calls requesting transfers or passwords, they should redirect the call to the phone system administrator
If the voicemail on your phone system allows out-dialling functionality and your company doesn't need it, turn it off and change your passwords
Review your bills each month - do they show normal calling patterns?
Ensure former employees do not have access to the phone system and disable mail boxes and remove all access immediately
Make sure your phone system and voicemail systems are up to date and that all current software releases are installed
Toll fraud will continue to be a threat and the techniques used by the hackers will become more sophisticated, but by taking the precautions we have recommended you will reduce the risk of becoming their latest victim.
Share this post: