10 Steps to Protect Your Phone System from Toll Fraud

You’ve organized your finances; you’ve identified cost efficiencies; and you’ve done everything else you can to balance your business’ budget and maximize profits – and then it happens. Your monthly phone bill arrives with tens of thousands of dollars in extra charges amassed over a single weekend. A weekend when no one in your office was working, let alone making phone calls. And you’re on the hook for the entire bill. How did this happen?

Toll Fraud

Toll fraud – which is defined as any unauthorized use of a business’ telephone system and carrier services – cost its victims $4.73 billion globally last year according to the Communications Fraud Control Association. Hackers dial into your system and gain access to outside lines, usually through a voice mail system or automated attendant. Once in, they dial out to premium numbers (e.g. 900 numbers) that charge the callers over $1 a minute, and then receive a portion of these charges.

Most carriers have ways of spotting toll fraud and will notify the customer if they see unusual activity, but by that time, the damage has been done. So what can be done to prevent toll fraud? Start by following these 10 steps to protect your phone system from toll fraud:

1. CHANGE YOUR SYSTEM PASSWORDS

Never use the default passwords for voice mailboxes, system administration, conference bridges, etc., and avoid passwords that are obvious or easy to guess, such as 1234. Enforce a policy of changing passwords on a regular basis, and when someone leaves the company, delete their mailboxes immediately, and block or delete all inactive mailboxes.

2. RESTRICT PHONE FEATURE ACCESS DURING OFF-BUSINESS HOURS

Identify which phones need to make long distance calls, require outbound access during off business hours, and need to make out-of-state or international calls – then restrict these capabilities for the phones that don’t require them.

3. RESTRICT OR BLOCK CERTAIN TYPES OF CALLS OR TRUNK-TO-TRUNK CONNECTIONS

Decide if you need an incoming trunk to access an outgoing trunk, and identify how to control it (e.g., some users may forward their desk phone to their cell phone, or an assistant may transfer a call to the boss’ home phone). Consider restricting call forwarding and call transfer features, especially to external numbers, and program your phone system so that extensions can forward only to known numbers, and restrict all others, especially 901 or 90#.

4. PERFORM A REGULAR SYSTEM HEALTH CHECK

Regularly monitor and analyze your systems. Work with your vendor or an outside consultant and go through a yearly audit to see if anything’s been changed that might impact you.

5. CHECK VOICE MAIL AND AUTO-ATTENDANT CONFIGURATION

This is the most vulnerable area that hackers can compromise and gain the ability to make external calls. Consider disabling the ability to make external calls from the automated attendant system. A misconfiguration in the auto attendant can be an easy target for the hackers, so it’s important to check the system and its security parameters frequently to make sure it’s working correctly. Determine whether your voice mail systems should be allowed to dial out of the PBX itself or dial international numbers, as this is where most problems occur.

6. MONITOR CALLING PATTERNS

Check your voicemail reports and 800 number usage, monitor valid and invalid calling attempts, and look for unexplained 900 number calls and chat lines. Also be on the lookout for changes in call patterns, such as a sudden increase in wrong number calls, silent hang ups, higher abandon rates, and an unusual amount of night/weekend/holiday traffic – if you get lots of calls on Friday at 2 AM, there’s probably something going on.

7. STAY CURRENT ON SECURITY AND SOFTWARE UPDATES

Make sure your phone and voicemail systems are up-to-date and that all current patches have been installed.

8. UPGRADE TO A NEWER SYSTEM WITH INCREASED SECURITY

Older systems are much more vulnerable to being hacked, while newer systems and services were developed with security in mind. For example, Mitel’s newer systems and services use 6-digit passwords for voice mail rather than the traditional 4-digit passwords, and will be increasing this to 8 digits in a new release. Mitel’s latest systems also include mailbox lockout by default for new installations, which essentially locks out a user from the system if they enter an incorrect password more than three times.

9. ENGAGE WITH YOUR CARRIER

Talk to your carrier and understand what kinds of service they have available to track and proactively notify you of unusual calling activity. It’s important to be engaged with your carrier and ensure that your carrier is looking out for toll fraud.

10. TRAIN AND EDUCATE

In addition to training your technicians on how to avoid toll fraud, it’s important to also educate your end users about what toll fraud is and how to prevent it. Mitel has created toll fraud workshops for its partners, as well as knowledge-based articles and tools for customers, to help educate users and partners about avoiding toll fraud and ensuring security.

Learn more

Are you at risk for toll fraud? Take our 5-minute online quiz today to find out – visit mitel.com/tollfraud

Adapted from “10-Step Health Check to Avoid Toll Fraud” by Blair Pleasant, UCStrategies.

© Copyright 2015, Mitel Networks Corporation. All Rights Reserved. The Mitel word and logo are trademarks of Mitel Networks Corporation. Any reference to third party trademarks are for reference only and Mitel makes no representation of ownership of these marks.
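
The checks in step 6 (unexplained 900 number calls, night and weekend traffic) can be run over exported call records; this is an added example, not part of the original brochure or any Mitel tool. The CSV layout, business hours, alert threshold and sample records are constructed assumptions, and real PBX exports differ by vendor.

```python
from collections import Counter
from datetime import datetime

# Constructed sample call detail records: start time, extension, dialed digits, seconds.
SAMPLE_CDRS = """\
2015-03-12 10:14:05,2001,12125550142,180
2015-03-13 02:03:11,2107,19005550199,2400
2015-03-13 02:45:40,2107,19005550199,2700
2015-03-14 23:30:00,2107,011442079460123,3600
2015-03-16 09:00:00,2003,18005550100,60
"""

BUSINESS_HOURS = range(8, 18)  # assumed 08:00-17:59 local time, Monday to Friday
OFF_HOURS_THRESHOLD = 2        # assumed number of off-hours calls per extension before alerting

def parse(text):
    """Yield (start_time, extension, dialed, seconds) from the assumed CSV layout."""
    for line in text.strip().splitlines():
        ts, ext, dialed, secs = line.split(",")
        yield datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), ext, dialed, int(secs)

def is_off_hours(ts):
    """Nights and weekends (holidays would need a calendar, omitted here)."""
    return ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS

def is_premium(dialed):
    """True for North American 900 numbers, with or without the leading 1."""
    digits = dialed[1:] if len(dialed) == 11 and dialed[0] == "1" else dialed
    return len(digits) == 10 and digits.startswith("900")

def review(text):
    """Return (extension, reason, detail) findings for the calling patterns in step 6."""
    findings, off_hours = [], Counter()
    for ts, ext, dialed, _secs in parse(text):
        if is_premium(dialed):
            findings.append((ext, "premium-rate 900 call", dialed))
        if is_off_hours(ts):
            off_hours[ext] += 1
            if dialed.startswith("011"):  # North American international prefix
                findings.append((ext, "off-hours international call", dialed))
    for ext, count in off_hours.items():
        if count >= OFF_HOURS_THRESHOLD:
            findings.append((ext, "repeated off-hours calling", str(count)))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_CDRS):
        print(*finding, sep=" | ")
```

Extensions that appear in the findings are candidates for the feature restrictions in steps 2 and 3.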