RTF Networks is dedicated to reducing the risks our customers face daily. Whilst we appreciate no telecoms system will be completely immune, our advice regarding security can alleviate the risk significantly.
The main points to consider are listed below.
It is vital that employees have all the necessary training to optimise the efficiency of the call system. Cases of Toll Fraud are extensively linked with the theft of authorisation codes and passwords.
It is essential that your staff safeguard these to the best of their ability.
The numbers should never be written down or programmed into audio diallers. If you have staff who travel outside of the office they should also be aware that thieves can be watching or listening in to phone calls to find out the relevant numbers.
Furthermore, it is important to establish the identity of anyone placing a collect call to the company before accepting charges. An ever-increasing problem is the receipt of a phone call where the caller asks to be transferred. This is yet another way in which access can be gained to your network and an outside line.
An advisable approach would be to establish a system whereby any suspicious activity is reported immediately by your employees. Suspicions may be aroused by the nature of the call or by the number of phone calls received.
Control of your phone calls is a good way to heighten the security of your firm. You can place restrictions on calls by eliminating or restricting unnecessary calls to certain countries. You can also place limits on which staff can make certain calls, or at what times.
There are certain signals to look out for that will alert you of toll fraud. A growing number of thieves will try to deceive your workforce to gain access. For example, they could ring you on a local access number or 0800 service and ask to be continually transferred between personnel until they obtain an outside line. It is recommended that all the following should be considered; obscene phone calls, continuous hanging up of the phone, recurring incidents of asking for an individual extension number, wrong numbers, callers asking who they have reached and silent calls that wait for you to hang up. These techniques have been used in the past and should raise alarm bells if they occur in your office.
Passwords are the easiest form of protection but there are several ways to make these more secure. The more characters you use the better. You should also avoid patterns in your system such as digits that follow in numerical order or all the same number. Do not use default passwords or access numbers as they are simple to crack. Keep away from making the password the same as the extension number or those which are related to the owner, such as an I.D Room or social security number.
In line with this it is also advisable to frequently change the passwords. We would recommend doing this quarterly, as well as when anyone leaves the business who had access to them.
In addition, you should keep a regular check on your voicemail system. Within these fraudsters could access board messages, make their own mailboxes or transfer until they find an outside line.
You could stop this using internal calls only within voicemail, getting rid of mailboxes of previous employees immediately or making sure there are no spare, needless mailboxes.
Users should change their Personal Identification Numbers routinely for access to the voice mailbox, as well as taking the previous advice of making sure that these involve the maximum amount of characters to reduce the chances of a hacker. Remote access telephone numbers should not be published either as this may also put you at risk.
Next, automated attendants answering companies’ telephones can also leave them open to fraud. The toll fraudsters will go from the automated attendant and dial 90XX or 900 extensions. On several exchanges these numbers will connect them to outside lines. You can limit or block capabilities of local dialling or long distance trunks to stop this. Block access codes such as 900XXX can be used in these circumstances.
In summary, the best way to prevent toll fraud is to look out for the warning signs, such as anything out of the normal. This may manifest itself in the form of out of hours calls, calls to other countries that you don’t recognise having done business with or several incoming calls on your call detail records followed by long outbound calls.
If you notice any of these signs you should take the following steps as toll fraud can lead to extensive losses that can ascend extremely quickly. You should call RTF Networks and your line/least cost routing provider. We can then help you to prevent further instances of toll fraud. Although there is currently no way to stop toll fraud, you can educate yourself and your workforce to reduce the chances of it happening, stop it when it occurs and thereby reduce the harm it can do. The most likely times for it to happen is when security is at its lowest, which is normally outside of working hours. You should therefore keep a list of things to look out for as well as what to do if you notice them.
RTF Networks recommends that the customer include the telephone system related applications as part of their company security policy and seek insurance against such acts.
RTF Networks will not be liable for any cost incurred due to toll fraud of any kind and has taken all possible actions to prevent such incidents.