A more recent and more subtle type of toll fraud involves not break-in/break-out, but forcing a system to call an international premium number. These numbers are often associated with the fraudsters themselves, so the calls generate revenue for them. Following such attacks, the telephone number is ceased, which makes tracing these gangs much more difficult.
This article describes these toll fraud operations in more detail.
But please note that if the door is locked at the first point of entry, it makes their job a whole lot harder.
1. Ensure that your PIN is changed from the default setting
2. Educate users that removing PINs completely is a bad idea
3. Remove any unused mailboxes
Means of Toll Fraud Penetration
All systems allow you to programme a notification for when a message is deposited.
Normally this is a flashing light and/or a display on the LCD.
However, each user can configure this to alert an external mobile or pager. This is the feature the toll fraud exploits.
You can add several layers of firewall to help deter these threats.
If a thief manages to bypass a voicemail passcode, either because the firm has not changed it from the manufacturer default or, worse, because it has been removed altogether, they store a toll fraud destination as the external alert number.
When they then leave a voice message, it triggers a cascade of outbound calls over your lines.
The fraudsters can then repeat the process across numerous extensions if these are unsecured.
Method of Defence
- Change the manufacturer's password.
- Discourage the removal of passwords.
- Stop “message-notification” within the voicemail.
- Turn off the ports used for pager notification.
- Disable the ports used for alerts.
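The checks listed above can be run over a mailbox export before the fraudsters find the gaps. The following is an added example, not part of the original article or any vendor's tooling: the CSV column names, the default PIN values, the 90-day "unused" threshold and the 00/+ international prefixes are all assumptions to adapt to your own system, and the sample rows are constructed.

```python
import csv
import io

# Constructed sample export; column names are hypothetical, not a real PBX format.
SAMPLE_EXPORT = """extension,pin,last_login_days,notify_enabled,notify_number
201,4821,3,no,
202,0000,12,no,
203,,5,no,
204,7390,400,no,
205,6154,2,yes,07700900123
206,0000,1,yes,009995550100
"""

DEFAULT_PINS = {"0000", "1234"}        # assumption: your vendor's factory PIN(s)
UNUSED_AFTER_DAYS = 90                 # assumption: threshold for an unused mailbox
INTERNATIONAL_PREFIXES = ("00", "+")   # assumption: how your dial plan marks international


def audit_mailboxes(export_text):
    """Return {extension: [findings]} for mailboxes that fail any check."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        issues = []
        pin = row["pin"].strip()
        if not pin:
            issues.append("no PIN set")
        elif pin in DEFAULT_PINS:
            issues.append("default PIN")
        if int(row["last_login_days"]) > UNUSED_AFTER_DAYS:
            issues.append("unused mailbox")
        # External message notification is the feature the fraud relies on.
        if row["notify_enabled"].strip().lower() == "yes":
            number = row["notify_number"].strip()
            if number.startswith(INTERNATIONAL_PREFIXES):
                issues.append("external notification to international number")
            else:
                issues.append("external notification enabled")
        if issues:
            findings[row["extension"]] = issues
    return findings


if __name__ == "__main__":
    for ext, issues in audit_mailboxes(SAMPLE_EXPORT).items():
        print(ext, "; ".join(issues))
```

A mailbox that shows both a default PIN and an international notification number, like extension 206 in the sample, matches the pattern described above and should be checked against call records first.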