2600Hz Blog


Protecting Your Business By Controlling Telecom Fraud: Preventing Hacked Equipment & Settings


"Protecting Your Business by Controlling Telecom Fraud" is an educational blog series that covers several best practices to help you protect your business from fraudulent activity. Over a series of blogs and webinars, we'll dive into the fundamentals of VoIP fraud, identify typical fraud activities, and discuss essential prevention methods you can use to protect your platform, your customers, and your business.

What is VoIP Fraud and How to Prevent Hacked Equipment & Settings

VoIP fraud is defined as the unauthorized use of paid communications services that are charged to someone, whether a service provider or a customer, without their knowledge. As mentioned in our webinar Protecting the Customer Experience by Controlling Telecom Fraud, a single fraud event can cost a customer anywhere from $3,000 to $50,000, and more often than not it happens more than once. This is why we are focused on a series of educational content to help you learn how to protect your company and your customers with simple steps. The first part in the series begins with tips on preventing hacked equipment and settings. This is the easiest and most common form of fraud, and it is also the simplest to prevent.

Fundamentals of Fraud

Device Fraud:  Device fraud is simple -- the internet is scanned for vulnerable endpoints, meaning devices that can be accessed with their default username and password. Most UIs change these credentials for you automatically, but where that change was never made, those endpoints become the easiest targets for fraudsters. From then on, attackers can set up call forwarding to their own phone service and control those devices.

The attackers then either pump as many calls as possible to numbers on their own systems, or route all of their own customers' calls through the phone system you are using. It costs them nothing, and you are still billed for the usage.

How to Prevent:  

  • Double check to see the default password/username was changed automatically
  • Manually change password/username
  • Set up a NAT router configuration; this gives your devices a private IP address that can only be seen on your Local Area Network (LAN)

Call Forwarding Fraud & *72: Call forwarding fraud is a bit more difficult but still fairly simple. Think of this as the "Nigerian Prince" of phone fraud. The way this works is:

  • You receive a call from an unknown number/person
  • They spin a story where for whatever made up reason they can only make one call and that is you. Ex: “I’ve just been arrested and accidentally dialed you, I only have one call- please call my lawyer”
  • They then ask you to dial their wife, boss, lawyer, etc., beginning with *72 and followed by the number they want you to reach
  • *72 activates the call forwarding feature on your phone (it is the most common code, but it may differ by provider)
  • On the other end of the line, the fraudster's partner can accept all third-party and collect calls, while telling callers who were actually trying to reach you that they have the wrong number
  • You are now being billed for all the calls that are being forwarded through your number

How to Prevent:   

  • Disable call forwarding
  • If anyone asks you to dial a number for them, and it begins with an *, just don't do it

Call forwarding can also be set up through your Web/User Portals and UIs/APIs. Make sure your username and password are unique and have been changed from the default, making it more difficult for attackers to access the account.

Fun Fact: It would take an attacker mere seconds to decipher your password if it is any single word in the dictionary, even with variations like Pa55word, 123V0IP, or H4ckerGrl, because they already have millions of such variations ready to try. Try using a combination of words instead, such as Turtle-Balloon-Safari.
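As an added illustration of the rule above (example code, not from the original post), this Python check undoes the common leet-speak substitutions an attacker's wordlist already covers and then asks whether the password is really just one or two dictionary words with decoration. The word list, substitution table and 60% coverage threshold are assumptions for the example, not a published standard.

```python
import re

# Constructed mini word list standing in for an attacker's dictionary (assumption for the example).
DICTIONARY = {"password", "voip", "hacker", "girl", "turtle", "balloon",
              "safari", "welcome", "admin", "phone", "office"}

# Substitutions attackers' wordlists already enumerate, so they add no real strength.
LEET_MAP = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                          "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(password: str) -> str:
    """Lowercase, undo leet substitutions, and drop anything that is not a letter."""
    return re.sub(r"[^a-z]", "", password.lower().translate(LEET_MAP))


def dictionary_words(password: str) -> list:
    """Greedily recover dictionary words from the normalized password; unmatched letters are skipped as decoration."""
    text, words, i = normalize(password), [], 0
    while i < len(text):
        for j in range(len(text), i, -1):  # longest match first
            if text[i:j] in DICTIONARY:
                words.append(text[i:j])
                i = j
                break
        else:
            i += 1  # no word starts here: treat the letter as decoration
    return words


def is_dictionary_based(password: str) -> bool:
    """True when fewer than three words account for at least 60% of the letters (assumed threshold).

    A passphrase of three or more words passes; a random string passes this
    particular check too, because it only implements the dictionary rule from the post.
    """
    text = normalize(password)
    words = dictionary_words(password)
    covered = sum(len(w) for w in words)
    return len(words) < 3 and covered / max(len(text), 1) >= 0.6


if __name__ == "__main__":
    for candidate in ("Pa55word", "123V0IP", "H4ckerGrl", "Turtle-Balloon-Safari"):
        print(candidate, "->", "weak" if is_dictionary_based(candidate) else "ok")
```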

Voicemail Callback Fraud:  Voicemail fraud is another tedious but effective form of fraud. Attackers know how to compromise voicemail systems to accept and make collect calls without your knowledge or permission.

How this works in more detail:

  • The attacker calls into voicemail systems looking for default passwords or those with easily guessed passwords. Tip: Change your password, and not to “1234”
  • Once found, the voicemail is changed to something along the lines of “Yes, I accept the charges”
  • The attacker then begins to place collect calls from their phone service to your phone number; when the automated operator hears the outgoing message, the collect call is connected and the cost of the call is billed to you

Another version of the scam completely bypasses the guessing aspect and breaks directly into a voicemail system's call forwarding feature, and programs the system to forward calls to an international number on their phone service.

How to Prevent:

  • Always change the default passwords for all voicemail boxes
  • Choose a complex voicemail password
  • Change voice mailbox password several times a year
  • Check your voicemail greeting sporadically to ensure that it is indeed yours
  • Disable auto-attendant, call-forwarding, remote notifications, and out-paging features if you don't use them
  • Block international calls

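Both the *72 scam and the voicemail forwarding variant above leave the same trace in call records: a forwarding activation, then inbound calls forwarded to a number the attacker controls, often international. As an added example (not 2600Hz code, and independent of KAZOO's own CDR format), this Python script runs two detection rules over constructed sample CDR lines: a *72 activation whose target is international, and more than an assumed threshold of inbound calls forwarded to international numbers. The CSV layout, the *72 code and the "+1 is domestic" rule are assumptions for the example.

```python
import csv
import io
from collections import defaultdict

FEATURE_CODE = "*72"  # call-forward activation code assumed here; it varies by provider

# Constructed sample call detail records, not real traffic.
# Columns: timestamp, account, from, to, forwarded (yes/no), duration in seconds.
SAMPLE_CDRS = """\
timestamp,account,from,to,forwarded,duration
2024-05-01T09:00:00,acct-17,+14155550101,*72011441632960001,no,4
2024-05-01T09:02:10,acct-17,+12025550177,+441632960001,yes,612
2024-05-01T09:03:45,acct-17,+12025550178,+441632960001,yes,540
2024-05-01T09:05:00,acct-17,+12125550190,+441632960001,yes,901
2024-05-01T09:30:00,acct-42,+14155550123,+14155550199,no,120
2024-05-01T10:00:00,acct-42,+14155550123,*7214155550199,no,3
"""


def is_international(number: str) -> bool:
    """Assumed rule: +1 (NANP) is domestic; an 011 dial prefix or any other country code is international."""
    digits = number.lstrip("+")
    if number.startswith("+"):
        return not digits.startswith("1")
    return digits.startswith("011")


def analyze(cdr_text: str, max_forwarded: int = 2) -> dict:
    """Return {account: [alert, ...]} for the two forwarding-fraud patterns described in the post."""
    alerts = defaultdict(list)
    forwarded_intl = defaultdict(int)
    for row in csv.DictReader(io.StringIO(cdr_text)):
        acct, to = row["account"], row["to"]
        if to.startswith(FEATURE_CODE):
            target = to[len(FEATURE_CODE):]  # the number the phone was told to forward to
            if is_international(target):
                alerts[acct].append(f"{row['timestamp']}: *72 forwarding set to international number {target}")
        elif row["forwarded"] == "yes" and is_international(to):
            forwarded_intl[acct] += 1  # inbound call that left again toward an international number
    for acct, count in forwarded_intl.items():
        if count > max_forwarded:
            alerts[acct].append(f"{count} inbound calls forwarded to international numbers; "
                                "disable forwarding and reset the account credentials")
    return dict(alerts)


if __name__ == "__main__":
    for account, found in analyze(SAMPLE_CDRS).items():
        print(account, *found, sep="\n  ")
```

acct-42's *72 to a domestic number produces no alert, which is the point of keeping the international check separate from the feature-code check.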
*All preventative methods are suggestions and not guarantees.

At the end of the day, it comes down to educating yourself on current security risks that could affect your platform, protecting your infrastructure through preventative planning and development, and doing your due diligence on best of breed security initiatives to keep your systems and your customers protected.

Here are some great articles we found enjoyable to read:

If you're looking to explore a new communications platform that offers the security and flexibility to grow your business, learn more about KAZOO platform offerings today!

Tagged: KAZOO, security, UCaaS, 2600hz, cloud communications, CPaaS, Unified Communications Security