Imagine opening up your monthly telephone bill to find tens of thousands of dollars in mystery charges. And then opening more bills from other companies – ones that you don’t even do business with – to find over $500,000 owing from long distance calls. The kicker? The calls originated from your office, but you didn’t make them.
Long distance fraud is something that happens more often than we realize and businesses around the world are falling victim to the scam. Usually hackers gain access to the telephone system through something we take for granted in the business world: Remote voice mail access. Once they find a vulnerability, which can be as simple as guessing a weak or default voice mail password, they take over the phone system and use it to make international phone calls. This activity racks up hefty bills, which in turn sets you up for the shock of a lifetime when you rip open the mail.
But employee voice mail isn’t the only way to exploit a system. Sometimes phone vendors will set up remote programming capabilities with weak passwords, allowing techs to make off-site changes and hackers to worm their way in as well. Improperly secured IP phone systems can also experience password breaches.
Most businesses don’t realize until it’s too late. Some large telcos have fraud departments that monitor for unusual activity, but a compromised system is not always immediately detected. Many of the criminals commit their nefarious actions during weekends or holiday periods when it will not be noticed as quickly. While you are enjoying a weekend puttering in the garden, crooks are busy calling far-off locales like Somalia or Saudi Arabia on your dime.
What is being done to quash this epidemic? It is a struggle for authorities to track down and prosecute the offenders, thanks to their ability to cover their tracks and spoof the phone numbers from which their illicit activity originates. This makes it impossible to block the offending numbers. Volume is also a factor – the scam is so widespread it would take a significant amount of police time and resources to catch the culprits.
Reviewing your system and taking steps to protect yourself is the best line of defence. Though not fail safe, strong passwords go a long way. We have been taught to use strong passwords for our online accounts – though some still fail to take heed to the advice – and the same applies to our voice mail passwords. If you are using an easy to remember, and an equally easy to hack password such as ‘0000’ or ‘1234’ you are leaving yourself susceptible to an attack.
Choose a complex password and change it frequently. Sometimes hackers will change a voice mail greeting to fool operators into thinking a collect call has been accepted, so check yours often. Disable any features on your phone system that are not used, such as call-forwarding or out-of-office paging.
And if you fall victim to long distance fraud, be prepared to fight. Carriers aren’t always quick to write off the charges so contact your telecommunications consultant to ensure the matter is taken care of quickly and efficiently.