Seven Top Tips to Prevent Telecoms Fraud
With Telecoms related fraud increasing rapidly and now being a bigger problem than credit card fraud – it is imperative that your systems are secure.
To provide some statistics of this, a recent TalkTalk business survey of 1,000 participants found that a quarter of the businesses surveyed had fallen victim to telecoms fraud, with the average costs of a hack reaching over £12,000.
So, how do you protect yourselves again Telecoms related Fraud:
- Train all staff internally on the risks and put procedures in place
No matter what precautions you put in place on the system, you need to ensure that everyone in the business is on the same page when it comes to fraud. If you follow steps 2-7 but ignore this then unfortunately none of the others will help. Set procedures to avoid anyone using non-regulated equipment, for example a USB stick from home. Fraudsters may drop USB sticks around businesses or even leave them in places such as on the street, and someone may pick this up and plug into a computer just to see what is on it….by this point an automatic program could run and infect the network.
- Change all default passwords & avoid using obvious one/extension numbers
Hackers are constantly trying to gain access into businesses by using a shotgun approach and targeting anyone and everyone. If you don’t change the default passwords to the system you’re leaving the system extremely vulnerable as this is effectively an open door – this should always be the first thing that you do when installing new equipment. Avoid anything which could be obvious, e.g extension 215 using 215 as the PIN, and never use 000,123 etc.
- Change PINS on Mailboxes and block access to any Unallocated Mailboxes
Whilst many companies will remember to change Passwords & PINS on their extensions – don’t forget to do the same on virtual extensions (Auto-Attendant, Voicemail, etc) – this is an easy one to forget and a very easy mistake to make; once again like above it’s just like leaving the door wide open for access.
- Lock down International and Premium Rate Calling
If you don’t need to make calls to international numbers, or calls to premium rate numbers – bar these immediately. The majority of fraud that we have heard of is where a fraudster gains access to the system, and makes large volumes of calls to premium rate international numbers, from which they will be earning revenue from the numbers dialled. By barring international calling you can avoid this potential issue.
- Set Up Daily Spend Limits & Alerts
Depending on the network provider, and the technology you use (Analogue/ISDN/SIP), your provider should be able to set up various types of alerts and limits. As we provide free calling to the majority of numbers we offer our customers two features:
- Spend alerts: we can set email notifications to be raised if a certain spend is hit – that way you can check to see whether specific calls have been made – if so then nothing to worry about, and if not then you can see what is being dialled and take action accordingly.
- Automatic cut off: if a certain daily limit is hit, we can set the lines to cut off automatically, so that no further calls can be made. For example if your spend limit is £20 in a day; someone hacks the system and makes calls to the value of £20; the lines cut off completely. Again at this point, you/the provider can investigate further and take the necessary action.
- Who has access to the phones out of hours?
Do you have any staff in the office out of hours, or any third parties with access to phones, or to the system itself? Make sure you have procedures in place or again, call bars set. We have seen cases of night staff calling premium rate numbers through the system and racking up large bills throughout the night, which the day staff are completely unaware of. With fraud alerts these can be avoided, and if you check bills regularly the suspicious calls can be spotted, and stopped.
- Ask for monthly bills, and check them!
You would be amazed at the number of people that simply do not check their phone bills! What we would recommend is moving from quarterly to monthly billing, and either asking for them to be fully itemised, or at least itemised over a certain amount (e.g calls over 25 pence). A large proportion of fraud and hacking takes place on evenings and over weekends, as it’s designed to go undetected so that they can get away with it for longer. By checking your bills for any unusual activity, either making sure there are no spikes in the costs from the norm, or looking at areas dialled, you should be able to spot and protect against any suspicious activity.
When people talk about fraud, the focus is often towards IT, but I can only see Telecoms related fraud continuing to increase.
Much of what you need to implement is very straightforward to do – so get it right, and in place, and you should be protected.
If you want to discuss fraud and hacking in more detail, feel free to give us a call on 0113 2059640 or get in touch via the website at www.time-tele.com to discuss further.