New Toll Fraud Threat Alert
This update is essential reading for all customers with Calls & Lines service
Hackers are now targeting businesses via phone hacking with a new, highly sophisticated approach. Some businesses have experienced losses totalling several thousands of pounds.
To date, typically phone hacking incidents have exploited telephone system settings (voicemail, programmed routing etc.) to place numerous unauthorised calls to a revenue generating number controlled by the hacker. It is possible to safeguard against this by use of secure pin codes at user level and by “locking down” certain aspects of the system to remove vulnerabilities.
Towards the end of last year, the Hackers approach has evolved, to circumvent the standard best-practice approach to secure systems. By compromising a business’ local network (LAN or PWAN/MPLS), a hacker can now program a handset to place fraudulent calls. These calls can be routed over BT’s network with an override code so they cannot be blocked via normal measures and then generate large bills. This would be difficult to detect and prevent via established telephone system security practices.
Why were they vulnerable?
A business' internal data network is now a route into devices connected to it – this includes telephone systems and handsets. Securing your telephone system and line is no longer sufficient, your internal network must be secure also.
Who is responsible for fraudulent call costs?
A customer is responsible for all calls made from their system, including fraudulent ones. Taurus will have provided infrastructure security recommendations and if these have been adopted the risk of toll fraud will be greatly reduced. To further reduce risk, we strongly recommend you ensure all staff are briefed on best practice for using the system securely. More details on this are available here:
Maintenance services also do not cover toll fraud; they are designed to deliver break/fix service only. Unauthorised calls are not a fault or down time.
Security of your system and lines should be considered an essential project to engage your voice supplier on. In addition, your IT maintainer must ensure all of your network is secure; if your internal network is open to the outside world in any way, all other measures are effectively redundant.
What should I do to check my infrastructure is secure?
- Consider dedicated SIP provision for your lines. This service is closed, separate from the public network and not visible to hackers. Call limits and alerts can also be set on this type of service
- Engage your IT provider, how secure is your network? It would not be acceptable for hackers to reach a PC or server on your network, so instruct the same practice is applied to telephone systems and handsets
- Re-inforce best user practice as detailed above
- Constantly review your security position. Threats are evolving all the time – it’s essential businesses take responsibility to keep ahead of them
I’m a Taurus Managed services customer, what do I do?
If you have engaged Taurus to manage your voice, data and SIP service, you will be at the lowest possible risk of toll fraud, and all the above steps to safeguard will have been taken (except user training which remains the customer’s responsibility). Please contact us if you have any concerns or require any further details.
I’d like to talk some more about this.
Please contact James Fisher, Customer Relations Manager if you have any further queries or concerns surrounding toll fraud.
Call: 013920 206160