Notts businesses warned over fraud that could cost them tens of thousands of pounds

Nottinghamshire businesses are being advised to check their telephone systems to protect themselves from fraud.
Businesses are being urged to check their phone systems.Businesses are being urged to check their phone systems.
Businesses are being urged to check their phone systems.

It follows a breach in some Private Branch Exchange systems (PBX). These are the telephone system that allow a company to switch calls between phones on local lines while allowing all users to share a certain number of external phone lines. Fraud occurs when hackers target these systems from the outside and use them to make calls to premium rate or overseas numbers to generate a financial return, leaving the company in question with a substantial phone bill.

Once access is gained, offenders can exploit in-built services such as message forwarding and call diversion and can make calls on the organisation’s account to premium rate numbers or international numbers

Businesses of all sizes can be targeted, but nationally there has also been an increase in schools, charities and medical/dental practices being targeted. Victims can lose tens of thousands of pounds and are likely to be targeted again once a vulnerability in their system has been found. This type of fraud is most likely to occur when a business is closed but their telephone systems are NOT, for example in the early hours of the morning or over a weekend or public holiday.

Here are some simple steps to protect your business:

- Use strong pin codes or passwords for your voicemail system, ensuring they are changed regularly.

- If you still have your voicemail on a default pin/password change it immediately.

- Disable access to your voice mail system from outside lines. If this is business critical ensure the access is restricted to essential users and they regularly update their pin/passwords

- Ensure that only users that need administrator privileges have them to stop criminals disabling protection you have put in place if they gain access to your system.

- If you do not need to call international numbers/premium rate numbers, ask your telecoms provider to place a restriction on your telephone line.

- Consider asking your network provider to not permit outbound calls at certain times e.g. when your business is closed

- Ensure you regularly review available call logging and call reporting options.

- Regularly monitor for increased or suspect call traffic.

- Secure your exchange and communications system, use a strong PBX firewall and if you don’t need the function, close it down!

Speak to your maintenance provider to understand the threats and ask them to correct any identified security defects.

If you would like any further help or advice on preventing cyber-crime and fraud please call Nottinghamshire Police on 101 or get regularly updated advice by visitingwww.nottinghamshire.police.uk/advice and http://www.actionfraud.police.uk/ of following @NottsFraudCops on Twitter

If you have information about any crime or see anyone acting suspiciously in your area please call Nottinghamshire Police on 101 or anonymously via Crimestoppers on 0800 555 111.

Related topics: