Don't let toll fraud give you an expensive headache this summer
By Cobus Communications | Posted: 25 Jul 2018
PABX fraud, often known as toll fraud is a global problem, generating close to £30 Billion for criminals. An average incident can cost in the thousands and it is happening across our region, with many documented instances of it affecting local businesses.
This is a real threat and is not just something that happens to others!
Summer can be a vulnerable time for businesses and we aim to do all that we can to support our customers to reduce the risk of an incident, so we’ve put together some handy instructions to help guard your business against toll fraud.
A senior manager should be aware of these safeguards and ensure staff follow them as relevant.
- Remove all default password settings and limit access to any maintenance ports.
- Passwords and access codes should be changed regularly and if possible be alpha/numeric and as many digits as the system allows. Avoid 0000, 1234, extension number=PIN passwords.
- Delete/change passwords for ex employees.
- Consider limiting call types by extension, if an extension user has no requirement to ring international/premium rate numbers then bar access to these call types.
- Secure the system physically, site it in a secure comms room and restrict access to that area.
- Regular reviews of calls should be carried out to cover analysis of billed calls by originating extension also to identify irregular usage and unexpected traffic.
- Ensure you fully understand your system’s functionality and capabilities and restrict access to those services which you do not use.
- Mailboxes – block access to unallocated mailboxes on the system, change the default PIN on unused mail boxes.
- Be vigilant for evidence of hacking – inability to get an outbound line is usually a good indicator of high volumes of traffic through your system. Check for calls outside business hours.
- Assess security of all PBX peripherals/applications: platform, operating system, password and permissions scheme. Carefully evaluate the security of any onboard remote management utility (eg PC Anywhere) for possible holes.
- Check firewall logs weekly.
For more information about protecting your telephone systems from toll fraud please contact the Cobus team on 01482 225666 or email firstname.lastname@example.org