You’d think doing nothing costs nothing, but when it comes to telecoms fraud, the cost of doing nothing can be disastrous for a business. Dial Through Fraud can cost you as much as £1,000 per day - how long will it take you to spot it if you are a victim? Until next month’s bill? That’s £30,000 too late...
You can’t always be as technically knowledgeable as the criminals but we can help. Telecommunications is our specialist field - talk to us if you have any concerns or would like advice on securing your business before you get caught and hit with a bill for calls you haven’t made.
Methods traditionally associated with hacking IT systems are now being extended to telecom systems, and of all the potential areas targeted for telecoms fraud, the telephone system (PBX) is one of the most common.
Hackers are part of organised crime rings and are extremely efficient at what they do - your business could feature as a part of their crime by leaving a ‘back door’ for them to access your
lines. If your PBX or Voicemail system has a facility to allow users to dial into it and ‘break out’ (dial other numbers as if they were sitting at their desk), you could be their next victim.
If they can access your PBX dial through facility (you might not be aware your system has this facility so it’s likely that you have left the password at default!) they will swamp your system at night or over a weekend, and will break out from your PBX to dial a similar victim in an international location. This could run across 10 lines (10 international calls running all night or all weekend), cleverly disconnected before your work day commences ready to start again the next night; once they have hacked into your system they will take full advantage. They will run up huge bills which you will be faced with having to pay.
Meanwhile they pocket cash from phone shop users abroad to fund who knows what sort of criminal or terrorist activity.
Not all hacks are as vicious, but can be equally damaging. Even when you’ve battened down the hatches you can still get a nasty surprise.
We’ve seen a recent example where night shift cleaners were using the office phones to dial their family and friends abroad. The business in question had locked out their ‘dial through’ facilities and even had their phone system set to bar international calls at night and weekends. They had however failed to bar access to the international operator. The fraudsters simply dialled the international operator on 155 and asked to be put through to the number they required, and their mission was accomplished, while costing the business up to £400 for each call lasting a couple of hours.
• Direct financial loss
• Damage to reputation
• Loss of service
• Inability to identify surplus circuits and thus cost savings
• Legal action
• …and much more
Ensure your IT or Telecom Manager minimises risk by conducting regular assessments of:
• user privileges and restrictions
• calling patterns
• routing access and selection
• passwords
• remote maintenance protection
• physical security of equipment
• E-bill at the end of each month which is fully importable into most software packages.
• Web Bill – monitor your usage throughout the month, no need to wait for your bill at the end of the month for any nasty surprises!
• Fraud e-alerts – within Web Bill, you can set up alerts to be sent to your inbox if certain criteria are met. For example, you can have an alert for calls made over a certain value, or if they’re made out of office hours, or to certain destinations.
• UseaBILLity – outbound call logger software which you can import your billing data into each month and conduct in depth analysis of calling patterns etc. It stores the data so over time you can compare over longer periods of time.
Talk to your PBX and voicemail maintainer. They can disable the Dial Through services, or at least change the default passwords to make the system more secure.
