Monday, 28 October 2019 15:13

What Is Toll Fraud and What to Do About It?

Written by

Hackers commit toll fraud by hijacking a phone service and placing unauthorized long-distance calls. In severe cases, they charge thousands of dollars within a few hours. On average, toll-fraud damages amount to twice that caused by credit card fraud!

The end-user often assumes responsibility for toll fraud. Fraudsters target individual networks with vulnerabilities; rarely do they infiltrate a provider directly. Unless otherwise stated, a provider cannot compensate customers for attacks outside their control. After all, most vulnerabilities arise from things like unsecured passwords and low-barrier network configurations.

Two Types of Toll-Fraud

Illegal SIP Usage

Malicious scripts exist that detect open VoIP ports. Once discovered, they repeatedly try to authenticate to gain control of the system. When voicemail and other PBX component passwords are easy to crack, the attacks carry out successfully.

Compromised SIP credentials also allow fraudsters to connect to a VoIP system. Even on a single extension, toll fraud can grow quite expensive. Softphones, in particular, face this threat on open Wi-Fi networks. Sharing SIP details online via email or chat risks interception, too.

Subscription Fraud

Some fraudsters collect all the necessary documents to order and activate a hosted phone solution on behalf of another. Subscription fraud, like identity theft, is a serious crime. When overlooked for long periods, the charges can become exorbitant.

How to Fight Toll Fraud

When properly implemented, VoIP can protect against toll-fraud better than landline solutions. Follow the suggestions below to ensure safe calling. Early detection is paramount and total prevention ideal!

  • Change all default passwords
  • Set passwords with many characters (upper and lowercase), symbols, and numbers
  • Block outbound calling to locations other than those you contact regularly
  • Restrict after-hour calling or grant select users 24/7 outbound service
  • Reduce the accessibility settings of non-administrative users
  • Delete old or unused extensions, call devices and mailboxes
  • Limit call forwarding and transferring to internal or known numbers only
  • Verify all software/hardware within the network runs the latest version
  • Review your system’s call history and monitor individual user’s usage
  • Prohibit collect and reverse-charge calls
  • Keep DISA (Direct Inward System Access) numbers private and protected
  • Notify yourself of invalid attempts to enter the phone system and take corrective action to stop the individual from trying again (i.e. disable port)
  • Disconnect inactive modems and disable three-way calling
  • Set SIP port access restrictions at the IP address or subnet level
Read 3437 times
  • @1pbxio

    Braintree Certified

    Braintree Certified Badge


    ovh partner 280