In the modern, technology laiden world we live in, it has never been easier to accomplish simple tasks that were previously not possible. It has also never been easier for those with ill intentions to steal from innocent and oblivious individuals who have not taken the proper steps to protect themselves.
What is Toll Fraud?
Toll Fraud is the theft of long-distance services by an unknown third party. One of the most common forms of toll fraud occurs through unauthorized entry into a phone system or the equipment it uses. Businesses that use telephone systems and voicemail systems are particularly at risk if they have not secured their systems.
Toll fraud is a global, industry wide issue with the potentially to cost a victim tens of thousands of dollars-worth of long-distances calls in a short period of time.
Recently there has been a massive increase in the amount of toll fraud taking placing in the interior of B.C. Many business owners have had system breaches which have resulted in toll fraud and large, unwanted telephone bills.
Are you legally obligated to pay for fees by fraudulent users?
Think of those who commit toll fraud as computer hackers. Just in the same way someone can hack into your computer and leave a virus, they can hack into your phone system, leaving you with a hefty bill. If a call is orchestrated through your phone system or equipment, you are responsible for paying for the charges associated with that call, regardless of the fact if you authorized it or not.
TOPS takes precautions in order to safeguard our customers, reducing the risk of toll fraud in their organization. We also recommend engaging the support program for your phone system however it is ultimately the business owners responsibility to ensure their phone system and equipment is secure.
What Can You do to Protect Your Phone System?
There are a few precautions you can take to protect your phone equipment and systems but just like any other security measure- you must actually implement these ideas and review their effectiveness often. You wouldn’t leave your front door open or the keys to your car in the ignition but if you are not following these 10 steps right now, that is the level of access you are giving criminals to your phone system.
Outside of these 10 steps, we do also encourage you to contract the provider or maintainer of your phone system to discuss security measures specific to your own set up.
1. GENERAL SECURITY: Have an annual review, maintain strong physical security, follow best practices for securing an IP-based service, monitor resources for new vulnerabilities, maintain patches, and review logs. Consider utilizing standards-based security add-ons where possible.
2. TOLL RESTRICTION: International locations are the major destination for toll fraud calls. Recommended practice is to block all international numbers and only enable those you need to call. Some systems allow for passwords to be required for long-distance calls.
3. RESTRICT OUTBOUND/EXTERNAL TRANSFER OPTIONS
4. PASSWORDS: Immediately change the default passwords provided with your phone systems. Change user and administration passwords frequently. Change phone system passwords when key personnel leave your organization.
5. UNUSED MAILBOXES & PHONES: When employees leave the company, remove their access from all phone systems immediately. This is not only to protect against retaliation from a disgruntled ex-employee but also from anyone who may obtain that ex-employee’s login information.
6. SOFTWARE PATCHES: Make sure that your phone and voice mail systems are up to date and have all current patches installed. TOPS Partner programs offer preventative maintenance, including updating firmware and patching security holes.
7. MONITORING: Monitor calling patterns and usage using whatever auditing features are provided with the system on a daily or weekly basis. Most toll fraud is generated in a short time days to weeks and usually after hours when detection is least likely. Encourage employees to report strange languages on voice massages, especially those left after hours, or unusual and unexpected activity by the phone system (i.e. all lines busy first thing in the morning).
8. SOCIAL ENGINEERING: Instruct employees to never give out technical or password information about your phone systems to unknown callers. Taking a moment to return a call can help to ensure you are speaking to the correct people.
9. FORMAL AUDIT: Consider having TOPs audit your phone systems to probe for any vulnerabilities that may have been overlooked or neglected.
10. IP PBX: IP PBXs are susceptible to the same fraud issues as traditional phone systems. Additionally, they are also subject to security gaps in your data network. Control administrative access, user host-based intrusion prevention, and use network firewalls/intrusion prevention systems.
What to do if you suspect Toll Fraud
- Contact TOPs immediately to have security breaches checked into.
- Call your long-distance provider immediately.
Get Your Security Audit Today
TOPS Telecom is offering to perform a security audit of your telephone system for a flat rate of $125 to secure your system & change passwords. We also restrict international calling if you wish disable the telephone system from allowing calls out through external ports.
Protect your business today by partnering with your local technology experts.