Our website uses cookies to enhance your browsing experience and to collect information about how you use this site to improve our service to you. By not accepting cookies some elements of the site, such as video, will not work. Please visit our Cookie Policy page for more information on how we use cookies.

Fraud

Stolen Teleporter

Detective Sergeant John Finan will be in the studio to discuss a fraud concerning PBX telephone systems. Private branch exchange fraud involves the manipulation of telephone equipment, which allows a third party to piggy back on your system to make telephone calls. These calls are usually to premium numbers, which could potentially cost the bill payer thousands of euros.


Suggested action for businesses to guard against PBX phone hacking fraud

  •  Appoint an overall PBX ‘owner’ and administrators for key sites.      
  • Put in place a company policy on PBX security and communicate this policy to all staff.
  • Arrange with the PBX supplier to have a specific liaison person available to consult on security issues.     
  • Ensure that communications room is securely locked and access controlled.     
  • Ensure that only the minimum features/facilities required by a user are provided.     
  • Restrict call forward facility (The ability to call forward to trunk should never be provided. Direct Inward System Access (DISA) should never be enabled). 
  • Set PBX to night service mode outside office hours   
  • Check CDRs regularly for suspicious activity  
  • No voicemail password should ever be left as the default number
  • Change voicemail password every 30 days 
  • Monitor Call Detail Records suspicious call patterns e.g. long duration, outside office hours, exotic/erotic destinations etc. A real time exceptions reporting alarm facility is strongly recommended.
    Restrict password entry to 3 attempts/session and 9 attempts per mailbox.      
  • Compel users to change their voicemail password every 30 days