How to Protect Your Company from Phone Hacking Scams
Contents
With most businesses powering their phones through the internet (VoIP), hackers have new access to systems. In this case, the phone hacking scams that criminals are using involves international premium-rate lines, cutting deals to make up to a quarter per minute on charges that can reach $100,000 or more.
Unfortunately, unless there is an extraordinarily large bill (like a $100k bill), many businesses don’t even realize their phones have been hacked. Sometimes the fraud isn’t even caught by phone companies for days or weeks.
While this may sound scary, and it can be, hackers mostly target small business. The New York Times reports that these scams cost victims $4.73 billion globally last year. With that in mind, it’s important to keep an eye out for any of the current phone hacking scams that are happing now.
Be prepared and don’t let your company’s phones become a six-figure liability!
How Are Phones Hacked?
Phone systems are rarely monitored. Businesses tend to take a “set it and forget it” approach to phones. If they aren’t broken, no one is paying attention to them. With most new business phone lines running through the internet, that attitude has to change.
Hackers take advantage of lax security as well as confusing and nonexistent international regulations for phone communication. Instead of hacking trunk lines, hackers break into PBXs (private branch exchanges). Once they have access they can use all available lines to dial international premium-rate numbers, racking up major charges.
How to Stop Phone Hacking Scams
The first and easiest step to avoid hackers racking up phone charges on your business line is to write a letter to your phone service provider.
Tell them your estimated amount of expenditure and minutes dialed, both daily and monthly. Inform them that the letter is a security measure and that you do not authorize any charges beyond what is detailed in the letter.
Make sure to specifically call out common services involved in a phone hacking scam and state that you do not want them used in any circumstances, including:
- premium rate numbers and text messages
- reverse charge calls (consider including a dollar per minute limit)
- data roaming charges
Request a letter of receipt and acknowledgement, and save all documentation.
Fraud Detection Software
Fraud detection software can also be used to stop attacks.
These modules work by detecting sudden increases in call traffic and blacklisting abnormal numbers. They actually suspend suspicious numbers and will not dial as requested by the hacker. This software is sold by a variety of vendors.
Best Practices for VoIP
Some of the best VoIP security practices include turning off unused protocols, separating VoIP networks from other infrastructure, authenticating remote terminals with unique usernames, passwords, and/or two-factor authentication, and monitoring communication ports.
Kelley Create can help empower your IT team with the tools and knowledge to keep your VoIP system safe – or we can help monitor it for you.