Latest News and Event

Toll Fraud and Dial through Telephone Fraud

Posted on

It has come to our attention that there is an increasing risk of hackers accessing telephone systems, ISDN, analogue lines, SIP lines and networks. This could potentially result in hackers running up large bills on your account for which you are directly liable for. Professional hackers set up powerful auto dialler’s to then randomly search for a telephone system industry passwords or public IP addresses which when hacked allows access to your voicemail box, lines or SIP trunks which then dial out repeatedly on your lines to premium numbers, pre sold expensive destinations which over the course of the weekend, overnight and bank holiday can run up thousands of pounds on your accounts which, by law, you have to pay.

At present, unfortunately, the industry seems to be unable to prevent this type of fraud and prosecutions are rare. Midshire Telecom have put together a set of guidelines that you can follow to ensure that you are tacking precautions when it comes to hackers:

Ensure that every mailbox on your voicemail system has a secure password and are not set to default – 1234, 2580

Ensure you change passwords regularly on your networks, telephone admin, routers, modems and computers

Ensure that when engineers pass on information to users during the original installation, that they are kept in a secure place as they can be mislaid or misdirected

Disable all conferencing facilities if you do not use this function, or regularly change the access codes

Be aware that SIP trunks are particularly susceptible via the public IP addresses attached to the Telephone System on your computer network

You are responsible for security on your lines, telephone systems and computer networks

Bank Holidays and public holidays are a favourite time for hackers as they will attempt to access your systems

The key to protecting your company from Toll Fraud is by having the appropriate knowledge to defend yourself and your business. Taking our advice on the prevention methods could potentially reduce the risk of your system being hacked significantly.

All staff should have some form of training to optimise efficiency of the systems that they use. It is clear that in most cases of Toll Fraud are linked to authorisation codes and passwords being stolen. Safeguarding information is vital, the numbers should never be written down or programmed into the auto dialler.

It is also important to establish the identity of anyone placing a collect call to the company, as this is another way that information can be hacked. Identifying anyone who is placing a collect call to the company before accepting calls.

Ensure that you are keeping a close eye on any suspicious activity happening on your telephone system. All of the following should be looked into:

Obscene phone calls

Continuous hanging up the phone

Recurring incidents of asking for invalid extension numbers or claiming that they have dialled the wrong number

Callers asking who they have reached

Silent calls that wait and then hang up

All of these techniques have been used in the past and should raise alarm bells if they occur in your office. If you notice any of these activities within your company you should contact you calls and lines provider immediately and they will help to prevent this from happening further.