Toll fraud is real and happening often. I have the advantage of working with several colleagues who have been in the telecommunications business since the early 1970’s. They agree that our customers have never experienced this much toll fraud.
What is toll fraud? Traditionally, it is when an individual illegally gains access to a customer’s PBX and places telephone calls. In the past, the “hacker” had to have specific knowledge about a business’s PBX in order to exploit its security weaknesses. This knowledge had to be specific because all the phone systems were proprietary based.
Today the telephony world is working with an ever increasing number of standards. Most of the PBX’s today adhere to one standard or another. Now the hacker only needs to be able to exploit a single standard in order to have access to thousands of potential “hacks”. The carriers are also adhering to these standards. Consequently, your PBX is not the only opportunity for toll fraud to occur.
Adhering to the following security procedures will help protect yourself and limit your company’s liability:
1. Create strong passwords on any SIP device.
2. Ask your carrier how they plan on notifying you when a hack is suspected and how they plan to deal with the situation.
3. If possible, block international calls and document your request. If not, contact your PBX supplier to discuss options on limiting your potential losses.
4. Purchase software that stores all of the telephone numbers your users call. Having this data will help you determine if the fraudulent call originated from your PBX or from your carrier’s network.
Toll Fraud is a real concern in today’s world and thousands of dollars of usage can be charged to you in less than a day! Please see the article below on the damage that can be done. As always, if you have any questions or would like to discuss further feel free to contact me.