News By Tag
News By Location
Rainbow Global Issues Advice on Fighting Toll Fraud
When you hear about ‘hacking’, your thoughts instantly turn to attempts to gain access to your online assets. But there’s another type of hacking that’s costing businesses in the UK £1.2 billion per year: toll fraud.
By: Rainbow Global Network Services
Toll Fraud Costs on Average of £10,000 per Victim
The UK is the third most targeted country for toll fraud, an organised crime that has terrorist and drug links. Incidents of toll fraud have risen 15% since 2011 and are costing victims an average of £10,000 each.
According to statistics, in the region of 84% of UK businesses are at risk from telephone hacking, and the type of telephone system they have doesn’t make any difference: it could be hosted, digital or analogue. The most alarming thing is that it can go undetected until the telephone bill arrives, by which time thousands of pounds worth of unauthorised calls could have been made. For smaller businesses, the effects can be devastating.
Toll fraud mostly involves the hijacking of a telephone system to dial out to premium numbers, usually in distant countries. The calls often cost several pounds per minute.
Different toll fraudsters operate with different agendas. Sometimes there is no personal gain involved: they do it just because they have a personal grievance with the company they attack. But in most cases, organised crime is at the core. Once fraudsters have found their way into a telephone system, they go on to sell phone cards or tariffs for international destinations at discounted rates. The calls are made through your lines, and the fraudsters earn out of the card and tariff sales. The earnings go on to fund crime.
Voice networks can also be hacked to obtain personal details from recorded conversations. Credit card or bank details, for example, can be taken and used fraudulently.
Toll fraud can also go in within a business. There is no hacking; it’s more opportunistic, with staff members using your telephone lines to make calls to premium rate or overseas numbers.
What are the Implications of Toll Fraud?
Dave Corgat, managing director of Rainbow Global (http://rainbow-
What Should I Look out for?
The majority of toll fraud happens out of hours when it is least likely to be detected, for example evenings, weekends and bank holidays. Fraudsters are more than aware of the reduced monitoring of lines during these times and seize the opportunity to dial into a phone system, home in on an unsecured or poorly protected voicemail box and start making calls to wherever they choose.
You should also be on your guard when it comes to monitoring reverse charge calls, or callers repeatedly asking to be transferred until they find an outside line. Look for repeated hang-ups on inbound calls; silent calls; requests for invalid extensions; obscene and silent calls. Also look out for complaints from incoming callers that lines are busy, or from staff unable to access an outside line. Fraudsters are persistent and cunning and will use all sorts of techniques to attempt to gain access to an outside line.
How can I prevent Toll Fraud?
Toll fraud tends to go unnoticed for quite some time, often because hackers target larger businesses with high phone bills that do not make a point of checking them carefully. This is one risk management task to put on your anti-toll fraud list.
Issues arise in many cases where not enough attention is paid to setting up and managing passwords to voicemail boxes, modems, routers, phone systems, computers and networks.
Fraudsters use powerful auto diallers to randomly search for insecure passwords, and their efforts will usually be successful.
Anti-Toll Fraud Checklist
Whilst it is not one hundred per cent possible to completely avoid toll fraud, there are certain measures you can take to reduce the risk. Dave Corgat suggests the following:
Educate every member of staff within your organisation that uses your telephone system about toll fraud so that they are aware of the issues, what to look out for and how to help prevent it.
Ensure passwords to mailboxes, networks, modems and routers, etc. are strong and certainly not left as default. Change them regularly and never allow them to be shared or written down.
When a member of staff leaves, disable their voicemail box or change their password.
Restrict call forwarding and call transfer features. Have your system configured so that users are only able to forward calls to trusted numbers.
Restrict outbound calls from certain extensions or place limits on the amount of calls that can be made, the times outbound calls are allowed, and the destinations calls can be made to. For example you could disable international calling (either to all destinations or selected countries), or prevent some or any calls being made after hours or during weekends.
Put policies in place concerning reverse charge calls. Ban them altogether, refuse them if they are from overseas destinations, or route them through a managerial or supervisory level within the organisation.
If you do not use telephone conferencing facilities, disable them. If you do use them, change the access codes on a regular basis.
Lock any surplus mailboxes and deactivate any telephone system functionality that is not used.
Carefully analyse telephone bills and if possible, don’t wait for monthly or quarterly bills to arrive: instead make a point of accessing and checking call logs on a weekly or more regular basis.
Talk to your telecoms provider about toll fraud solutions such as telephone system firewalls, line monitoring services and other applications designed to prevent hacking.
Waging War on Toll Fraud
Rainblow Global are committed to helping wage war on toll fraud. Dave Corgat summarises by saying, "You can help in the battle by being vigilant, and following the steps above. If you are a telecoms client of Rainbow, please get in touch to discuss how we can help you further. It is important you take steps immediately to protect your business from the devastating costs of toll fraud."
Rainbow Telecom was founded in 2002 and Rainbow Global Network Services LLP in 2006. The business is a leading supplier of some of the world’s premier telecoms, data and technology brands. For more information visit http://www.rainbow-