At a time when few businesses can afford any more cashflow problems, international and Irish based ‘time thieves’ are targeting Irish businesses and exploiting weaknesses in their telecoms security to steal millions of euro annually, according to market intelligence from Minute Buyer, provider of telecoms solutions to the corporate market.
The company has seen a significant increase in telephone fraud and hacking in Ireland over the last three months, according to Shaun Hayden, Director, Minute Buyer. He admits accurate fraud figures are nearly impossible to pin down because so many organisations are reluctant to talk about it publicly, bust says the Garda Bureau of Fraud Investigation estimates that time theft is costing Irish companies millions annually.
“The economic downturn has, it seems, brought with it an increase in opportunistic ‘time theft’ fraud. Over the past three months, we have encountered a significant increase in episodes of time theft.,” said Hayden. “We urge Irish companies to review their phone system security and internal phone procedures to minimise the risk of falling victim to these serious fraud techniques. Companies need to treat their PBX (Private Branch Exchange) system the same way they treat their computer network. No one would leave their network without adequate security measures and it is an unfortunate sign of the times that we must now do the same with our phone systems.”
Essentially there are two types of telecoms fraud: large scale PBX hacking by experienced hackers and, second, the internal misuse of telecoms systems by staff. Hacker’s employ an array of tools from password stealing software to automatic dialers that circumvent security measures commonly employed by the vast majority of Irish businesses. Time theft or telecoms PBX fraud is one of the most profitable and easiest crimes to commit, as it carries minimal risk because it is difficult to detect until the damage is already done.
Minute Buyer suggests the following tips that will help ensure your business is protected from time theft and PBX fraud:
1. Get acquainted with toll fraud. Periodically remind all employees who have been issued authorization codes (Direct Internet Access, voice mail, etc) of the importance of keeping these codes secret and the need to change them frequently.
2. Educate yourself with the many features of your PBX. Shut down all of those not in use or not in service and change your PBX passwords as frequently as possible.
3. Block access to destinations where your company does not do business. If circumstances do not permit this, at least block calls to the most recent popular fraud destinations like Liechtenstein, Austria, Sierra Leone and China.
4. Voice Mail: Make sure your voice mail system is a “closed loop” and cannot be manipulated to get an outgoing dial tone. Check your valid mailbox list and delete any box that is no longer in service.
5. Install 24/7 monitoring software on your PBX: Invest in a real-time toll-fraud detection system that will “learn” your company’s calling pattern and alert you by pager/email when a suspicious call occurs. The monitoring will allow you review your PBX call logging/reporting records regularly to spot any increases in call volumes or calls to suspicious destinations.