We’ve all heard about it happening to someone: strange charges appearing on their phone bill for hour-long calls made to foreign countries, or for collect calls they never accepted. Sometimes there’s a plausible explanation (a new employee trying really hard to expand the company’s customer base). But more often, it's phone fraud.

There are several ways that telecommunication services may be fraudulently accessed, but it is possible to take steps to minimize fraud exposure on your network. While we at TelePacific hope this never happens to you, we’ve developed some simple guidelines to help you prevent fraud and to help get to the bottom of the situation if you discover fraudulent activities.

1   Check administration security codes for both the PBX and voicemail systems.

2   Verify with your PBX vendor if your PBX is Internet-enabled, because hacking can occur through the Internet into your PBX.

  • If there is no need to have your PBX Internet-enabled, have your vendor disable it.
  • Ask your vendor to check for inbound data spikes that may appear to be hacking activities.
  • If it has been hacked, change the login and password to the router of your IP PBX.

3   Ask your PBX vendor to identify which phone line(s) placed the fraudulent calls.

4   All voicemail boxes must be checked to identify if there are any existing boxes set up with the default code, soft pin or extension.

  • All voicemail boxes must have hard security codes.
  • Hackers who have compromised a voicemail box will preprogram the fraud destination number(s). After they've done this, they use the transfer feature, pager feature, and/or zero out feature to place their calls out. Your vendor should be able to identify which feature was used.
  • The hackers can also pre-record a message stating “yes, yes.” This will allow hackers to place collect calls.

5   Disallow remote access on the PBX and voicemail to minimize fraud exposures.

6   Block calls to all international countries that are not called as part of your normal business. Calls must be blocked in your PBX or phone systems.

  • TelePacific is unable to block outbound calls to Canada; the blocking must be done directly in the PBX/Phone system.

7   Block 3rd party/collect calls in the PBX or system.

8   Block Casual Calling (1010) in the PBX or system.

9   Hackers will also place fraudulent calls going through different long distance carriers.

  • Many long distance carriers allow calls to complete through their network without the caller being a subscriber. International rates billed by these carriers are very high.
  • If you receive a bill from another carrier for the fraudulent calls, our Fraud/Loss Prevention Department will provide your company a letter of confirmation that fraud occurred on your telephone line(s).

10 “Social Engineering” may be used, where a caller manipulates someone into performing an action or divulging confidential information. When the types of calls described below are received, please report the call to TelePacific’s Fraud Department.

  • A fraud perpetrator may call into a business establishment pretending to be a technician for a phone company.
  • The perpetrator will manipulate the party into pressing certain digits on the telephone keypad, allowing the perpetrator to place free long distance calls.
  • The party will be charged for the long distance calls.
 

11 Keep phone rooms locked.

  • Always validate credentials for all techs who visit your sites.
  • Fraud perpetrators can gain access to unsecured phone rooms. A device can be clipped onto your line(s) to place fraud calls.
  • If your phone room is not locked, check for unusual devices clipped onto your phone lines.

12 Do not transfer callers to 900; this is a fraud scam. Dialing 9 for an outside line and then 00 will give the fraud perpetrator a long distance operator.

Sometimes modem hijacking is used to make fraudulent long distance calls from your computer that are billed to your phone number. Possible steps to prevent modem hijacking include:

  • Turn off your computer and modem when they are not in use.
  • Unplug phone connections from the modem when the modem is not in use.
  • Raise the volume level of your modem, so that you are aware of a redial.
  • Be aware when visiting sites of questionable content, or avoid such sites entirely.
  • Do not download anything from untrusted web sites.
  • Close pop-up windows by selecting the “X” button in the upper right hand corner rather than using embedded icons (something that says “close”).
  • Keep your OS current with patches and updates.
  • Ensure Internet dial-up access numbers are on your local phone plan; delete unknown access numbers.
  • Consider anti-virus software and update it regularly.
  • Disable ActiveX.

Your company is responsible for securing your network and phone system from hackers. If you suspect you may be the victim of fraud, call TelePacific’s Fraud/Loss Prevention Department at (866) 839-8545. While we are happy to help in any way we can to identify the source of fraud, TelePacific is not financially responsible for any billing that you may receive from another carrier relating to your fraud incident. More information on possible fraud methods and ways to protect your company are available at www.telepacific.com. Stay safe!
Email Marketing by