Network Security and Fraud Protection
Telephone toll fraud has been a major problem since electronic PBXs first allowed remote access. Although the methods have changed over time, toll fraud still costs users billions of dollars per year and is not reimbursed by the carriers.
It is up to you to be on the alert for fraud and to take steps to prevent it.
Like any worthwhile project, fraud prevention starts with an action plan. Some simple areas to consider are:
- Gain management support. Without top-down support, no plan can succeed.
- Establish user awareness programs.
- Develop an action plan, should toll fraud occur.
- Train console attendants on the signs of toll fraud.
- Monitor available reports.
- Review traffic data from your equipment.
Fraud perpetrators have ingenious methods of hacking into your system. Following are just a few of their methods:
- Obtaining outside dial tone through your Automated Attendant.
- Paging people in your system in a way that allows the caller to seize a line when the call is returned.
- If you use off-premise call forwarding, hackers can "grab" a line with special software programs while a call is being forwarded.
- Hackers may look through your trash for papers containing access numbers or other information useful in their work.
- Although most organizations have turned this off, some still allow remote system access through a maintenance port or through Direct Inward System Access (DISA).
- Abuse of lines and service by your own employees and/or vendors.
- A hacker may call in impersonating a telephone technician, inspector or some other person and ask for a transfer to an "open" line.
- Some voice mail systems allow access to outside lines.
Some Toll Fraud "Do's" and "Don'ts":
DO:
- Be suspicious and aware of anyone seeking sensitive information or access to your system.
- Change passwords often - once a month is not too often.
- Choose difficult passwords.
DON'T:
- Give out access codes, passwords, etc.
- Write down access information in obvious places.
- Throw away old company directories without shredding them.
- Use "speed dial" buttons for access numbers or passwords.
Conclusion:
Talk with your PBX, data and network providers to be sure you have "closed the door" on toll fraud. Some methods are so complex that prevention is impossible. Only vigilance and a plan will minimize your exposure.
TMG offers a complete toll fraud audit program that includes training and implementation of controls and monitors.