Phone carriers are determined to fight back against these hackers and have gone to huge efforts to reduce the amount of fraudulent activity on both fixed and mobile networks. By increasing the monitoring of international traffic they can identify anything unusual and investigate it for possible scams. Also they have implemented proactive measures to block international B numbers which have unusually high traffic flowing to them, often in high risk destinations.
It’s extremely difficult to prevent all fraud however. Each call to a PRS generates profit for both the revenue share provider and the content provider, ranging anywhere between 30% and 80% of the net tariff. Fraudsters have been known to enter into arrangements with the PRS content providers, with the purpose of flooding traffic to them using various methods, most commonly via hacking PABX, VoIP or Voicemail and programming the extension to automatically dial the PRS number.
Hackers use the PABX system to make long distance telephone calls, usually to obscure international destinations at no cost to themselves. The costs are born by the organisation and can be quite considerable.
The fraudsters will often then either on-sell the calls as a phone operator themselves or they may even divert the calls to their own premium rate services. Both methods derive income for the hacker, while the business is left with the bill. The more sophisticated PABX systems become, so do the hackers and their software. Hackers exploit weaknesses in the company’s PABX system by figuring out voicemail pins and gaining access via the PABX maintenance port or ‘Direct Inward System Access’ (DISA) point of the PABX. Once they penetrate the voicemail they are then able to re-program the PABX system to make International telephone calls.
Due to the number of lines that most PABX systems have, the cost to the business can escalate rapidly as many calls can occur during any one time. The hacker will often breach the system late at night when the business is not operating so they can attempt to avoid detection.
How can you know if your system has been accessed by fraudsters? Well, there are a few signs you can look out for such as heavy call volumes particularly at night time and on the weekends and public holidays. When running a business you should always review system call records for any discrepancies or usage that looks out of place or unusual.
Discuss effective methods for security with your PABX maintainer as they have the skills and knowledge to help you instigate security measures, and also can pinpoint whether or not your system may have been targeted. If you receive a busy error message when trying to retrieve your voicemail, heavy call volumes, International calls on your phone bill to places you don’t typically call or recognise, these are possible indicators that your system may be being used illegally.
Putting a number of methods into practise will enable you to protect your system, one of the most effective to is to regularly change your voicemail pins and try not to use default pins, such as 1234, as they are far too easy for fraudsters to guess. Disabling any call forwarding or outbound call ability from your voicemail ports, and cancelling unused voicemail boxes will also protect against hackers.
Block all International calls to countries you never dial and only keep those that you use and are necessary as this will prevent any hackers from using your system for expensive long-distance calls. Always keep your PABX admin access unit in a secure location so it can’t be accessed by unauthorised personnel, limit the ‘after hours’ outgoing call access and disable DISA access unless it is really necessary, if you apply all these restrictions to your system then any hacker will be deterred from trying to get into your system and look elsewhere.