Phone system hacking, commonly known as Toll Fraud, occurs when hackers hijack a service (your hosted or hardware-based phone system), making unauthorised calls to either long distance or premium rate numbers in order to generate extensive income for themselves. In severe cases thousands of pounds in call charges can be racked up within just a few hours (typically overnight when a business is closed). On average toll fraud charges amount to twice those caused by credit card fraud!
The end-user often assumes responsibility for toll fraud as the fraudsters target individual organisations who operate their own telephone system; rarely do they infiltrate a provider directly (e.g. BT). And unless otherwise stated in your service provider contract said provider (e.g. BT), won’t compensate customers for attacks outside of their control. Worrying, right!
A quick and easy way to help protect against toll fraud is by regularly changing passwords used by your employees to access individual or group voicemail boxes. This method of attack is the most common method employed by the fraudsters who make multiple call attempts in to individual, direct (DDI) numbers, and when presented with a voicemail greeting will attempt to login as the user by guessing his or her password (which as default is often 0000 or 1234). Once in this is when the fraudsters can hack the phone system and make unauthorised outbound calls. So, our advice in the first instance is to have your employees or system administrator change voicemail access password regularly! And if you need advice on how to do so get in touch with by emailing email@example.com.
For ultimate peace of mind we offer a free prevention service to help limit toll fraud on all telephone services provided direct by DE, be that analogue/digital lines, SIP channels or hosted VoIP. A fraud team which works 24 hours-a-day, 365 days-a-year passively tracks all outbound dialed numbers and if any appear to be unusual (e.g. not typically made from any given customer), they’re monitored and if suspected to be of a fraudulent nature a block will be placed on the dialed number so it can’t be called again. Customers are notified in case the number has been legitimately called, in which case the block will be lifted.
This level of protection doesn’t prevent costs associated to that first call being incurred, however, it does prevent fraudulent calls being made numerous times, therefore helping to limit the financial impact considerably. For example, a single fraudulent call may incur £50 in a single instance which lasts 5 minutes. Image what hours of the same outbound calling would do, all while your businesses is closed for the day and oblivious until receiving your next phone bill! Can your business afford that sort of irrecoverable loss?
If you’d like to know more about toll fraud and how to mitigate the affects using our free monitoring service please drop us an email to firstname.lastname@example.org.