Toll Fraud: Explain It
Toll fraud is an overlooked security threat for many small and medium-sized businesses. We live in a world where unlimited pricing and flat monthly rates have caused us to forget that every phone call costs money. Most calls made by a small or medium-sized business cost mere pennies. But toll fraud can cost tens of thousands of dollars.
According to a study by the Communications Fraud Control Association, estimated total fraud losses for telecommunication services in 2013 were $43.3 billion. Of that, $4.73 billion was from toll fraud alone. One company in New York discovered it had accumulated $166,000 worth of charges for phone calls made over a single weekend—when no one was in the office.
So, if toll fraud is such a big problem, what exactly is it?
Give a Little WhistlePut simply, toll fraud is stealing long-distance service. In 1957 a blind seven-year-old boy innocently discovered the best-known form of toll fraud when his whistling of a single note stopped a phone recording. At the time, many phone systems were controlled by single-frequency signaling, so a single note played in the correct pattern was interpreted as a command by the carrier’s system. A group of phone hackers, known as phreakers, reverse engineered those tones and figured out a way to make free long-distance phone calls. Eventually, the whistles led to the creation of “blue boxes” that recreated the tones electronically. People would buy the blue boxes to get around long-distance charges.
Phreakers gained a cult status over the years. Tech luminaries like Steve Jobs and Steve Wozniak were phreakers. Maybe because the phone companies were the victims, this form of toll fraud is now viewed romantically. Other types of toll fraud, which targeted consumers, often tricked people into dialing a toll number that would charge their account for excessive fees.
Modern Toll Fraud is HackingModern toll fraud starts with hackers looking for vulnerable VoIP servers. Once a hacker has gained access to the system they will initiate high volumes of international calls to high-toll countries where the hackers can get a share of the tolls. The calls are usually made at off-peak times, so a business may not notice the sudden change in their traffic until they receive their shockingly high bill.
Hackers can gain access to a company’s phone system through many of the same techniques they use to gain access to data networks. The most popular is the brute force attack. In this method, a hacker floods the server with attempts to register fake extensions. If passwords are weak, or easy-to-guess numbers are used to register extensions, a brute force attack can eventually find the right combination. Another technique is called vishing. In vishing, a user is tricked into providing security credentials over the phone or by opening a malicious email.
We don’t want to get bogged down in the details of hacking. The methods of attack are something that your IT department should know of, and any IP telephone system should be part of scheduled security audits. In the end, network security and monitoring are the keys to protection.
How to Protect YourselfYou’ve already taken the first step to protect yourself against toll fraud: you’re aware of its existence. Now it’s time to talk to your IT staff, provider, and employees. Important actions include:
- Have IT do a security audit of the entire network to ensure proper, enhanced security measures. Simple firewalls and border control sessions are not enough. IT should work with your vendor to create the best security solution for your company.
- Review user access and create a protocol for strong passwords and secure user accounts.
- Train your employees on their role in network security. Everyone is responsible for network security.
Talk to Your ProviderTraffic monitoring is essential in detecting toll fraud. Your company should be monitoring your traffic internally, but is your provider? Call your provider and ask what level of monitoring they provide, because not all providers offer the same services. A good provider will know your company’s traffic patterns and will work with you to set traffic thresholds. When a specified threshold is passed, the provider will look into the patterns and notify you of suspicious activity. In some cases, like here at Voxtelesys, international calling is disabled by default. It is difficult for a hacker to take advantage of what’s not available.
If you’re looking for high-quality IP voice service and want a provider that works hand in hand with you to ensure good outcome, from day one, contact us today. From SIP trunking to TCPA compliance, we’ve got you covered.