Telephone Toll Fraud Alert

We have recently become aware of an increase in Toll Fraud activity in our area.  We have compiled some helpful information to assist in reducing your chances of being a victim to this crime.

What is Toll Fraud?

Toll fraud occurs when someone works to gain access to your telephone system and phone lines in order to place long distance calls domestically or internationally on your long distance account.

How do they access my phone lines?

They will try to gain access to common out dialing features such as Direct Inward System Access (DISA) or hack into a voice mailbox and activate available outbound calling and transfer features that you may not know are even available on your system.

These people will call into your place of business, often at night and try easy or common passwords such as 1234, 1111, to gain access to to these features.  Once they have gained access, they will either dial out directly or setup a phone number to be transferred to from the compromised system.  Sometimes they will daisy chain a few times through other systems they have compromised to make it more difficult to track the originating phone number.  Even if you are able to trace back to what you think the originating number is, it probably is spoofed, as this is an easy thing to do by misusing common helpful features.

How can I avoid being victimized?

1. Have your Long Distance provider block all International Calling Capability.  If you need access to International Calling, you may have your provider only allow it on some of your phone lines.  You should put this on phone numbers that are not published in order to reduce the possibilities of being discovered.  You may also have your phone system setup so that these international calling capable lines are only accessed by using an uncommon access code other than 9.  Your long distance provider may be able to restrict international calling only to the specific countries you need access to.

2. Reset all voice mail and programming passwords.  Instruct your users to only use strong passwords.  Never use 1234, 1111, or other easy passwords.  If possible, set your system to require frequent password changes and to reject weak or common passwords.

3. Disable any outbound calling features that you do not use.  This includes DISA, and voice mail notification or outbound dialing capabilities.

4. Disable any International or Operator dialing prefixes that you do not need to use.  Some of these first digit dialing patterns are 0, 011, 10, etc.

Summary

Following these suggestions will greatly reduce your chances of being victimized.  Contact us if you would like help in evaluating and securing access to your phone lines at 435-752-3300.