Welcome to CyMark Largo!

Topic this month:
Toll Fraud

"Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws."
Plato (427-347 B.C.)
July 2009

If you think your Private Branch Exchange (PBX) is secure and that the only problem you have is private call abuse by employees, think again. Or rather, contact your PBX vendor and make absolutely sure that your equipment is secure. Check that no-one has passwords to unauthorised mailboxes or other system administration functions. Also ensure your employees regularly change the passwords they use to access telephone features.

Toll Fraud refers to the fraudulent or illegal use of your telephone infrastructure by third parties to gain access to unauthorised long distance or international services. Unfortunately, this problem is a lot more prevalent and widespread than one might imagine. It is not well publicised, because companies that fall victim to these scams try their best to keep it a secret; they would not want anybody, especially their customers, to find out.

Toll fraud in its simplest form can be conducted by an employee who forwards his desk extension to his cell phone. He then provides his family and friends with his work direct dial-in (DDI) number. They only pay for a local call and the company foots the bill for the cell leg of the call. If the PBX is open after hours and on weekends, you can always reach this person by dialling the local number.

Unfortunately, syndicates exist that have high-tech knowledge of PBX functionality and their own communications networks and engineering staff. They can pipe traffic into your PBX and break it out to international destinations (normally in obscure countries), where they route it further illegally. They can consume almost all of your voice channels 24 hours a day pumping traffic. This traffic can originate from illegal 'phone shops' offering cheap calls, or come from other aggregated sources like VoIP calls that need breakout.

How does one detect toll fraud? Look out for changes in call patterns, especially after hours, employees finding it difficult to get a line, sudden bursts of short calls and traffic through unused mailboxes. There are more tips and links below.
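The checks above can be run against the call detail records (CDRs) exported by a telephone management system. The following Python script is an added example, not part of the original newsletter; the CSV layout, the `ext:`/`mbx:` source labels, the business hours, the thresholds and the list of assigned mailboxes are assumptions, and the sample records are constructed.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample CDRs: start time, originating extension or mailbox,
# dialled number, duration in seconds. 2009-07-06 is a Monday.
SAMPLE_CDR = """\
2009-07-06 10:15:00,ext:201,0215550100,340
2009-07-06 14:02:00,ext:214,0115550123,95
2009-07-07 02:10:05,mbx:299,0088155501,12
2009-07-07 02:10:40,mbx:299,0088155502,9
2009-07-07 02:11:10,mbx:299,0088155503,14
2009-07-07 02:11:45,mbx:299,0088155504,11
2009-07-07 02:12:20,mbx:299,0088155505,8
2009-07-07 23:30:00,ext:201,0825550111,600
"""

ASSIGNED_MAILBOXES = {"mbx:201", "mbx:214"}  # assumption: mailboxes with a real owner
BUSINESS_HOURS = range(7, 19)                # assumption: 07:00-18:59, Monday to Friday
SHORT_CALL_S = 20                            # assumption: a "short" call is 20 s or less
BURST_COUNT = 5                              # assumption: 5 short calls ...
BURST_WINDOW = timedelta(minutes=5)          # ... within 5 minutes is a burst

def parse(text):
    """Yield (start, source, dialled, duration_seconds) for each CDR row."""
    for ts, source, dialled, dur in csv.reader(io.StringIO(text)):
        yield datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), source, dialled, int(dur)

def detect(text):
    """Return a sorted list of (source, reason) findings for the three patterns."""
    findings, short_calls = set(), defaultdict(list)
    for start, source, _dialled, dur in parse(text):
        if start.weekday() >= 5 or start.hour not in BUSINESS_HOURS:
            findings.add((source, "after-hours call"))
        if source.startswith("mbx:") and source not in ASSIGNED_MAILBOXES:
            findings.add((source, "traffic through unused mailbox"))
        if dur <= SHORT_CALL_S:
            times = short_calls[source]
            times.append(start)
            # keep only the short calls that fall inside the sliding window
            times[:] = [t for t in times if start - t <= BURST_WINDOW]
            if len(times) >= BURST_COUNT:
                findings.add((source, "burst of short calls"))
    return sorted(findings)

if __name__ == "__main__":
    for source, reason in detect(SAMPLE_CDR):
        print(f"{source}: {reason}")
```

Thresholds like these need tuning against your own normal call pattern before the findings are treated as alerts.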

Of course prevention is better than cure, and it pays to first ensure that physical access to your PBX equipment is restricted to authorised personnel only. Too many companies have the PBX installed under the reception desk; this is not a good idea. Make sure passwords are changed from defaults as soon as users get their mailboxes, and ensure your technical staff change the administration passwords on a regular basis. Keep a hawk eye on your telephone bill and your telephone management reports, and bar trunk-to-trunk transfers on extensions where they are not needed. Make your employees assume responsibility for the extensions and equipment the company supplies to them. These are company assets, after all, like any other and should not be abused.

See the following links:

Toll Fraud Security Tips (a PDF document)
Guidelines to preventing Fraud
Wikipedia
FAQs

CyMark

 
 
Copyright © CyMark Largo, 2010