How PBX fraud works
Once an auto-dialler has been used to identify systems which are worth hacking, the criminal attacks the system in order to establish the pass code that will give them access to the PBX system itself. Features such as remote-access voicemail, message forwarding and call diversion can all be exploited to enable the illicit call dialling. In the case of voice over IP (VOIP) telephony, systems are generally compromised by malware or accessing an IP address connected with the PBX box to bypass the company’s firewalls.
- Your business accumulating substantial or even crippling phone bills without your knowledge
Preventing dial-through fraud
Conventional PBX systems
- Reduce the ability for your system, if compromised, to dial high rate numbers by:
- Restricting any destinations that should not normally be dialled such as premium rate, international or operators including directory enquiry services.
- Review available call logging and call reporting options.
- Regularly monitor for increased or suspect call traffic.
Restrict access by:
- Immediately setting up call logging on any system where fraud is suspected. This should be professionally programmed to ensure all call types are covered.
- Disabling voicemail from being to access outside lines. Take professional advice on how to set up voicemail securely on your system.
- Set up secure PINs to access voicemail remotely.
- Put suitable restrictions in place on any extension that must have access to an outside line via voicemail.
Avoid auto features:
- If your system has Direct Inward System Access (DISA), ensure it is completely disabled. To prevent someone calling in from outside the PBX to dial calls as if from one of the extensions.
- Set up any networked telephone exchanges very carefully to restrict hackers from breaking out from one site to another.
- Ensure interactive (menu driven) voice response and auto attendant options for accessing outside lines are removed.
- Be sure to take steps to ensure both the physical and technical security of your equipment.
- Seek advice from your system or managed service provider to help you secure your system. Some service providers have precautions in place such as monitoring unusual usage spikes, cutting off services if they exceed pre-agreed thresholds or disconnection in the event of their SIMs are connected to a computer, switchboard or the internet.
If you think you have been a victim of PBX fraud
Report it to the Cyber Incident Response Team in the Ministry of Science, Energy and Technology: 876-929-8990-9 or the Communication Forensics and Cybercrimes Unit of the Jamaica Constabulary Force: 876-967-5948 or 876-922-3288
This page was compiled with the kind assistance of TUFF (Telecommunications UK Fraud Forum)