Monday, 14 February 2011

Telecom Fraud - Have you checked your bill recently?

Some years ago I came across a company who had their telephone system and voice mail infiltrated by hackers. They managed to clock up a bill of over £2000 in one month. This was a little known problem at the time and it caught everyone by surprise but amazingly, this practice is still going on and is now estimated to be in the same league as credit card fraud.

Now if you are thinking that when your next bill comes in and you see fraudulent activity, you can just contact your carrier and get a refund then sadly, you are mistaken! It doesn’t work like credit cards and currently, the subscriber has to bear all the cost. The only possible hope is that you may have some claim on your equipment or service provider if you can prove that they were negligent with the set up of your service. As fraud is now so well known in the telecommunications industry, it is really unforgivable to set up a telephone system or voice mail without making it as secure as possible.

So how do the hackers gain access to your lines? Well in the example mentioned, the customer had an 0800 number to access their telephone system and out of hours, this was answered by voice mail. The hackers rang the 0800 number at no cost, and then proceeded to crack the password for the voice mail which in this particular case, gave them access to external trunks. When they found the system only allowed UK calls, due to call barring, they dialled up a number of another pre-hacked PBX without the free number and also without call barring and they were able to call anywhere for nothing. If you didn’t follow that, here are the steps again.

1.Dialled 0800 number and hacked the voicemail that answered which gave them UK wide access but not international.

2. Made the voice mail dial the number of another hacked system which did not have an 0800 free number.

3. This system gave them access to anywhere

So how do you avoid this problem?

Make sure you write to your system and or service provider asking them to confirm that all fraud access is impossible on your system.

Make sure that trunk to trunk access is not allowed unless absolutely necessary. This applies to voice mail and PBX’s

Disconnect you maintenance modem and only allow access when your maintainer needs to change settings. Obviously do checks to make sure it is your maintainer calling! Preferably set the modem up for dial back. I.e. it has to dial the maintainer when they call it.

Make the password on your modem very long and change it frequently. Only let selected people have the password, As a matter of course, change the password after a remote maintenance session.

Make any passwords to access the admin of your voice mail very long and check to see if this has a modem. If so, the same rules apply.

Make sure that no extensions are forwarded to outside numbers.

Have call barring reduced to 999 only for after hours. Cleaners can have other sources of income! Barring can often be overridden by an authorised person should the need arise.

Ask your service provider to alert you if any calls go over a certain cost by text or email.

Make sure all software updates have been applied to in house telephone equipment.

If any technical staff leave, make sure all the passwords are changed on the system. An upset employee can cause havoc.

Install call logging and run it daily. If it has the ability to provide alerts, use it.

Audit and test you system regularly. Put the onus on your maintainer to verify the security status and get this in writing. If nothing else, having to commit to print will make them keen to stop any loopholes.

With IP systems, the security of your network is vital. If someone can get access to your network, they can also use IP voice services. WiFi with easily hacked passwords are a gift to fraudsters. Any homeplugs need to be encrypted if you network via mains circuits. Use VPN’s for remote workers wherever possible. All the aforementioned precautions apply regarding modems etc.

Use detection software to find any unauthorised access attempts.

Make sure your firewall is good and up to date.

If you are interested in knowing more, just post a comment or contact me via http://www.mentornet.co.uk/contact.html

No comments:

Post a comment