Prevent call-forwarding fraud

Call forwarding fraud on your business landline can affect anyone, on any network and can lead to unexpected bills. Make sure your business is protected

Over the past few months there has been an increase in call forwarding fraud throughout Australasia. This type of fraud targets weak spots in a customer’s PABX or voicemail system, and can lead to customers being billed for services they didn’t use.

By hacking into voicemail, offenders can set up call forwarding to make a large number of international calls to high cost destinations. In extreme cases, targeted businesses have incurred charges up to $300,000 with calls made to destinations such as such as Gambia, Sierra Leone and Latvia.

 

Who's at risk?

Any voicemail service that is secured by a PIN can be a target, including voicemail provided by physical and hosted PABX systems. So it’s important for you to make sure your account is safe and secure.

Hackers typically target businesses during weekends and holiday periods in an attempt to avoid detection.

What we're doing to help you

We’re working with the Telecommunications Carriers Forum, and are leading the formation of an Australasian working group with all telecommunications providers to help combat this type of fraud.

We’re working on other ways of protecting you and your business, but we also need your help by taking some steps to protect yourself.

 

What you can do

Make sure you're not a target. Here are a few simple steps you can take to protect yourself

Password icon

Choose a strong password

Change your Voicemail and DISA passwords on a regular basis. Change factory defaults and don't use “easy” combinations such as 1234, 0000, sequences, or the last 4 digits of the landline.

Padlock icon

Change all security features

Change passwords and PINS following installation, upgrades and fault/maintenance work on PABX equipment. Always change password defaults.


Cogs icon

Check system functionality

Remove or de-activate unnecessary functionality such as remote access ports to your PABX (DISA), Voicemail system or Toll Free service. If remote access ports are used, consider using strong authentication such as smartcards/tokens.

Confidential icon

Keep it confidential

Keep internal information like directories, call logging reports and audit logs confidential. Remember to destroy them appropriately if no longer required.


Mail icon

Remove surplus mailboxes

Remove unwanted surplus mailboxes or lock until allocated to a specific user.

Phone icon

Restrict unnecessary calls

If your PABX is capable of blocking specific destinations, we encourage you to restrict calls to destinations that should not normally be dialed.


Block 0161 calls icon

Block 0161 prefixes

Block these numbers from your PABX or if you don’t know how to, get in touch with your PABX vendor.

Spanner icon

Increase physical security

Restrict access to your equipment (e.g. comms room or master terminals), and cover employee entry procedures such as passcards, employee vetting, people leaving/changing jobs.


Security icon

Be cautious

Watch out for bogus callers, e.g. people posing as company employees who ask to be connected to switchboards operators to get an outgoing line.

Document icon

Check vendor terms and conditions

When renewing your PABX contract, ensure that keeping your system regularly maintained is part of the terms and conditions.

 
Info icon

Important step if you have PABX

We recommend that you get in touch with your vendor to perform audits and review system security and configuration regularly, to mitigate any areas of vulnerability.

If you have any further questions, give us a call on 0800 400 888.