Call forwarding fraud on your business landline can affect anyone, on any network and can lead to unexpected bills. Make sure your business is protected
Over the past few months there has been an increase in call forwarding fraud throughout Australasia. This type of fraud targets weak spots in a customer’s PABX or voicemail system, and can lead to customers being billed for services they didn’t use.
By hacking into voicemail, offenders can set up call forwarding to make a large number of international calls to high cost destinations. In extreme cases, targeted businesses have incurred charges up to $300,000 with calls made to destinations such as such as Gambia, Sierra Leone and Latvia.
Any voicemail service that is secured by a PIN can be a target, including voicemail provided by physical and hosted PABX systems. So it’s important for you to make sure your account is safe and secure.
Hackers typically target businesses during weekends and holiday periods in an attempt to avoid detection.
We’re working with the Telecommunications Carriers Forum, and are leading the formation of an Australasian working group with all telecommunications providers to help combat this type of fraud.
We’re working on other ways of protecting you and your business, but we also need your help by taking some steps to protect yourself.
Make sure you're not a target. Here are a few simple steps you can take to protect yourself
Change your Voicemail and DISA passwords on a regular basis. Change factory defaults and don't use “easy” combinations such as 1234, 0000, sequences, or the last 4 digits of the landline.
Change passwords and PINS following installation, upgrades and fault/maintenance work on PABX equipment. Always change password defaults.
Remove or de-activate unnecessary functionality such as remote access ports to your PABX (DISA), Voicemail system or Toll Free service. If remote access ports are used, consider using strong authentication such as smartcards/tokens.
Keep internal information like directories, call logging reports and audit logs confidential. Remember to destroy them appropriately if no longer required.
Remove unwanted surplus mailboxes or lock until allocated to a specific user.
If your PABX is capable of blocking specific destinations, we encourage you to restrict calls to destinations that should not normally be dialed.
Block these numbers from your PABX or if you don’t know how to, get in touch with your PABX vendor.
Restrict access to your equipment (e.g. comms room or master terminals), and cover employee entry procedures such as passcards, employee vetting, people leaving/changing jobs.
Watch out for bogus callers, e.g. people posing as company employees who ask to be connected to switchboards operators to get an outgoing line.
When renewing your PABX contract, ensure that keeping your system regularly maintained is part of the terms and conditions.
We recommend that you get in touch with your vendor to perform audits and review system security and configuration regularly, to mitigate any areas of vulnerability.
If you have any further questions, give us a call on 0800 400 888.