Phone Hacking Prevention

It is estimated that telephone system (PBX) hacking / phreaking / toll fraud is now a global criminal business, with £1.2 billion being charged to UK companies in unexpected phone calls.

PBX dial through fraud is conducted by criminals who hack into a phone system – usually at night and weekends so as to minimise detection – who then run up vast charges against the exchange line accounts of the innocent owners of the phone system. Websites exist that are dedicated to phone system hacking, not just fun for computer geeks, but a guide for organised criminal gangs.

In our experience, once you have been made the victim of hacking, all these organisations will be unsympathetic to your position:

• Police – “we cannot find the fraudster, it’s a needle in a haystack”
• Network Operator (BT, Daisy, etc.) – “we simply charge for all calls made from your telephone lines”
• System Manufacturer (Samsung, Mitel, etc.) – “our systems are designed to switch calls, it is your job to control user access”
• System Maintainer – “we only repair broken systems, we do not prevent theft”

In simple terms, you are left with a huge bill and no option other than to pay it immediately or be cut off.

The most frequent way for criminals to gain access to your system is through the voicemail. Once access has been gained, your number will be given out to multiple sources, from where hundreds if not thousands of premium rate calls will be made.

5 Key ways to minimise voicemail risks:

• Always change the default password you are initially given on your voicemail box.
• Always remove messages after listening to them as deleted messages cannot be hacked.
• Always make your voicemail password as long as your system will allow.
• Always check your outgoing voicemail message to make sure it is still yours
• Always change your voicemail password regularly, and make sure it’s not recognisable combinations such as 1234 or 0000

Other common sense ways to minimise risks:

• Lock the comms room day and night, restrict access to telephone system programming
• Regularly change your system administration password
• Make sure all unnecessary call forwards and remote accesses are deleted
• Set up a ‘Call Restriction’ plan with your call carrier / line provider. They will usually email you within 24 hours if they detect suspicious activity

The Optimal Security Measure: Voice Firewall

The ‘Belts and braces’ security measure is to install a Voice Firewall. This tool essentially sits between your phone system and the line box, and blocks any unauthorised calls as specified by you. Such as all international calls, calls lasting more than 5 minutes after 6pm, all premium rate calls, etc.

Voice Firewalls have dropped in price dramatically in the last few years as the demand for them has increased.

If you would like to discuss your own system in more detail, or would like to see a PDF describing the Voice Firewall functionality, please click here: info@tridentvoice.co.uk